NVIDIA has publicly denied allegations from Chinese regulators that its AI-focused data center GPUs contain hidden backdoors or remote deactivation features, commonly referred to as “kill switches,” reaffirming a longstanding position that such mechanisms are not built into its hardware and never will be.
The statement was issued by David Reber Jr., NVIDIA’s Chief Security Officer, following a request from China’s Cyberspace Administration last week. The agency demanded technical documentation on NVIDIA’s H20 GPU, citing security concerns over alleged vulnerabilities, including unspecified “backdoor” risks. The H20 is a data center chip developed specifically for the Chinese market in compliance with US export restrictions.
NVIDIA's response comes amid heightened geopolitical tensions surrounding the global AI chip supply chain. The company is navigating a complex regulatory landscape, balancing strong commercial demand from China with US national security policies that have already led to export restrictions on several of its high-performance chips. The US government has expressed concern that such chips could accelerate China’s military or surveillance capabilities, and some lawmakers have proposed adding tracking mechanisms to exported AI hardware, proposals that mirror the type of control China now suspects exists.
Founded in 1993 and headquartered in Santa Clara, California, NVIDIA has grown into a central figure in global computing. Its GPUs are integral to a wide range of critical infrastructure, from medical imaging systems and scientific research platforms to self-driving cars and AI data centers. Given their pervasive role, the company argues that embedding remote access or control mechanisms would introduce unacceptable risks, potentially exposing global infrastructure to catastrophic single-point failures if exploited.
Reber emphasized that adding such capabilities would contradict core cybersecurity principles, citing the concept of “defense in depth,” an approach that relies on layered protections without centralized control points. Instead of covert hardware features, NVIDIA champions open, transparent, and user-controlled software tools for system diagnostics, bug reporting, and security patching.
To reinforce the dangers of embedded control mechanisms, NVIDIA pointed to historical failures like the 1990s-era Clipper Chip, a US government project that aimed to include encryption backdoors for lawful access but was widely discredited by security experts due to its vulnerability to abuse and its erosion of public trust in technology providers.
The company also dismissed comparisons to software-based user features like smartphone “remote wipe” tools, clarifying that such functions are opt-in and transparent, unlike hard-coded hardware traps that users cannot audit or disable.
Leave a Reply