Core Viewpoint - The article discusses the security risks associated with the H20 chip from Nvidia, particularly focusing on the potential for backdoors and the implications of U.S. government policies regarding chip exports to China [3][4][24]. Group 1: Security Risks and Backdoors - The National Internet Information Office of China recently addressed Nvidia regarding security risks related to the H20 chip, suggesting concerns over potential backdoors [3]. - Nvidia's response emphasized that the chip does not contain backdoors, referencing the historical "Clipper chip" incident as a cautionary tale [4][6]. - A recent U.S. legislative proposal led by Congressman Bill Foster aims to mandate U.S. chip companies to incorporate backdoors in export-controlled chips, indicating a shift in policy towards more overt government control [8][10]. Group 2: Technical Aspects of Backdoors - Backdoors can be categorized into hardware and software types, with hardware backdoors being physical circuits left during design or manufacturing, while software backdoors involve implanted instructions in software [11][12]. - The H20 chip's power management module could theoretically implement a remote shutdown feature by embedding a circuit that triggers under specific conditions, such as usage time or environmental factors [14][15]. - The potential for software-based backdoors exists through updates to the CUDA ecosystem, which could allow for tracking and data collection functionalities [16][17]. Group 3: U.S. Government Control Mechanisms - The U.S. government has proposed a "chip governance mechanism" to coordinate chip design and production, ensuring compliance with national security requirements [19][20]. - This mechanism includes features such as license locking, tracking, usage monitoring, and usage restrictions, which could effectively control the deployment of chips like the H20 [20][23]. - Reports indicate that Nvidia's AI chips already possess many of the functionalities required for this governance mechanism, raising concerns about their safety and reliability for foreign markets [21][23]. Group 4: Performance and Environmental Concerns - The H20 chip is deemed not only unsafe but also technologically inferior, with only about 20% of the performance of its standard counterpart, the H100, and a 41% reduction in GPU core count [27]. - Environmental efficiency is also a concern, as the H20's energy efficiency ratio is approximately 0.37 TFLOPS/W, failing to meet the required 0.5 TFLOPS/W for energy-efficient GPUs [28]. - Given its lack of safety, technological advancement, and environmental compliance, the H20 chip is not considered a viable option for consumers [29][30].

Core Viewpoint - Nvidia has stated that its chips do not contain "backdoors," specifically referencing the "Clipper chip" incident from the past [1][3]. Group 1: Historical Context - In 1992, AT&T introduced a hardware device for secure voice transmission, which led to government dissatisfaction and the introduction of the "Clipper chip" containing a "cryptographic backdoor" for government access [3]. - The "Clipper chip" faced widespread resistance and was terminated within three years, leading the U.S. government to adopt a more discreet approach regarding "backdoors" in technology [3]. Group 2: Current Legislative Actions - In May 2023, U.S. Congressman Bill Foster proposed legislation requiring U.S. chip companies to include "backdoors" in export-controlled chips, asserting that the technology is mature and feasible [4][6]. Group 3: Technical Feasibility of Backdoors - There are two types of backdoors: hardware and software. Hardware backdoors involve physical modifications during chip design, while software backdoors involve embedded instructions in software [6]. - The Nvidia H20 chip can theoretically implement a "remote shutdown" feature through its power management module, which could be triggered under specific conditions [6][8]. - Another method for a hardware backdoor involves modifying the H20 chip's firmware to restrict functionality based on certain conditions, such as geographic location [8]. Group 4: Software Ecosystem and Backdoors - The CUDA ecosystem, used by over 4 million developers, could potentially facilitate the activation of backdoors through software updates, allowing for tracking and data collection [9][11]. - The U.S. aims to maintain AI dominance through both hardware and software ecosystems, necessitating other countries to develop independent alternatives [11]. Group 5: On-Chip Governance Mechanism - The U.S. government has proposed an "on-chip governance mechanism" to coordinate chip design and production, which includes features like license locking, tracking, usage monitoring, and usage restrictions [12][14]. - Many leading chip manufacturers, including Nvidia, already possess the necessary functionalities for this governance mechanism, although some may not yet be activated [14]. Group 6: Concerns Regarding Nvidia's H20 Chip - The H20 chip is considered unsafe for China, as it lacks advanced features and has only about 20% of the performance of its standard counterpart, the H100 [17][20]. - The H20 chip's energy efficiency is approximately 0.37 TFLOPS/W, failing to meet the 0.5 TFLOPS/W standard set by China's green development initiatives [18][19]. - Given its lack of safety, advancement, and environmental compliance, the H20 chip is deemed a poor choice for consumers [20][21].

Core Viewpoint - Nvidia has stated that its chips do not contain "backdoors," specifically addressing the "Clipper chip" incident from the past [1][2]. Group 1: Historical Context of Backdoors - In 1992, AT&T launched a hardware device for secure voice transmission, which led to government dissatisfaction and the introduction of the "Clipper chip" containing a "backdoor" for government access [3][4][5]. - The "Clipper chip" faced significant resistance and was terminated within three years, leading the government to adopt a more discreet approach regarding "backdoors" [6]. Group 2: Current Legislative Developments - In May of this year, U.S. Congressman Bill Foster proposed legislation requiring U.S. chip companies to include "backdoors" in export-controlled chips [8]. - Foster, with a background in chip design, asserted that the technology to implement such features is mature and feasible [9]. Group 3: Technical Feasibility of Backdoors - There are two main types of "backdoors": hardware and software [12][20]. - Using Nvidia's H20 chip as an example, a hardware "backdoor" could be implemented through the power management module to enable remote shutdown capabilities [13][14]. - Software "backdoors" can be activated through updates to the CUDA ecosystem, which is widely used by developers globally [16][18]. Group 4: Implications of Backdoor Mechanisms - The "backdoor" mechanisms can facilitate tracking and remote disabling of chips, raising concerns about information security [19][23]. - The U.S. has developed a "chip governance mechanism" to coordinate chip design and production, ensuring control over AI chips [24][29]. Group 5: Concerns Regarding Nvidia's H20 Chip - The H20 chip, which is being exported to China, is considered unsafe due to its limited performance compared to the H100, with only about 20% of the overall computing power and a 41% reduction in GPU core count [33]. - The H20 chip's energy efficiency is also subpar, with a measured efficiency of 0.37 TFLOPS/W, failing to meet the required standards [37]. - Given its lack of advancement, environmental sustainability, and safety, the H20 chip is not seen as a viable option for consumers [40].