Workflow
Clipper芯片
icon
Search documents
警惕!芯片安装“后门”,招数不少
Huan Qiu Shi Bao· 2025-08-11 22:38
Group 1 - The core issue revolves around the security risks associated with the H20 computing chip from NVIDIA, with concerns about potential backdoors that could be exploited by U.S. government agencies [1][2] - U.S. lawmakers have proposed the "Chip Security Act," which mandates that all high-end AI GPUs and chips must implement location tracking technology within 180 days to prevent them from reaching specific countries, particularly mainland China [2][3] - Experts suggest that while NVIDIA denies the existence of tracking and remote shutdown capabilities in the H20 chip, the chip's design details remain highly confidential, complicating the detection of any potential backdoors [2][3] Group 2 - Hardware backdoors are malicious circuits or codes intentionally embedded in devices, allowing unauthorized access by attackers, and the feasibility of adding such backdoors is high from both hardware and software perspectives [3][4] - Historical examples include the Clipper chip, which was intended to secure communications but was found to have significant flaws, and Intel's Management Engine, which allegedly contained a hidden switch that could disable its functions at the request of U.S. intelligence [4][5] - Software backdoors can be more easily implemented without hardware modifications, with complex GPU drivers providing opportunities for hidden backdoor codes that can track device locations and operational times [5][6] Group 3 - There are concerns that even if U.S. hardware manufacturers do not cooperate, intelligence agencies may independently implant backdoors in products, as evidenced by a case where a U.S. intelligence agency infiltrated a hard drive company to embed problematic code in their firmware [6]
英伟达深夜发声明:NVIDIA 芯片不存在后门、终止开关和监控软件
Xi Niu Cai Jing· 2025-08-11 05:51
Group 1 - The core issue revolves around serious security concerns related to NVIDIA's H20 computing chip, prompting the National Internet Information Office to request explanations and proof from NVIDIA regarding the security risks associated with backdoor vulnerabilities [1] - NVIDIA officially responded on August 6, stating that their chips do not contain backdoors, kill switches, or monitoring software, emphasizing the importance of user consent and awareness in hardware design [4] - The company referenced the historical Clipper chip incident to highlight the dangers of built-in backdoors, which were found to have fundamental flaws that could be exploited, undermining user trust in system security [4] Group 2 - Experts and policymakers have suggested the need for "kill switches" in hardware to mitigate misuse risks, but NVIDIA firmly opposes the implementation of such features, arguing they violate basic cybersecurity principles [4] - The existence of government backdoors is seen as detrimental to user confidence in system security, as it creates single points of failure [4] - NVIDIA's statement aims to reassure stakeholders about the integrity of their products and the company's commitment to cybersecurity [4]
美国如何给芯片安“后门”
是说芯语· 2025-08-10 07:00
Core Viewpoint - The article discusses the security risks associated with the H20 chip from Nvidia, particularly focusing on the potential for backdoors and the implications of U.S. government policies regarding chip exports to China [3][4][24]. Group 1: Security Risks and Backdoors - The National Internet Information Office of China recently addressed Nvidia regarding security risks related to the H20 chip, suggesting concerns over potential backdoors [3]. - Nvidia's response emphasized that the chip does not contain backdoors, referencing the historical "Clipper chip" incident as a cautionary tale [4][6]. - A recent U.S. legislative proposal led by Congressman Bill Foster aims to mandate U.S. chip companies to incorporate backdoors in export-controlled chips, indicating a shift in policy towards more overt government control [8][10]. Group 2: Technical Aspects of Backdoors - Backdoors can be categorized into hardware and software types, with hardware backdoors being physical circuits left during design or manufacturing, while software backdoors involve implanted instructions in software [11][12]. - The H20 chip's power management module could theoretically implement a remote shutdown feature by embedding a circuit that triggers under specific conditions, such as usage time or environmental factors [14][15]. - The potential for software-based backdoors exists through updates to the CUDA ecosystem, which could allow for tracking and data collection functionalities [16][17]. Group 3: U.S. Government Control Mechanisms - The U.S. government has proposed a "chip governance mechanism" to coordinate chip design and production, ensuring compliance with national security requirements [19][20]. - This mechanism includes features such as license locking, tracking, usage monitoring, and usage restrictions, which could effectively control the deployment of chips like the H20 [20][23]. - Reports indicate that Nvidia's AI chips already possess many of the functionalities required for this governance mechanism, raising concerns about their safety and reliability for foreign markets [21][23]. Group 4: Performance and Environmental Concerns - The H20 chip is deemed not only unsafe but also technologically inferior, with only about 20% of the performance of its standard counterpart, the H100, and a 41% reduction in GPU core count [27]. - Environmental efficiency is also a concern, as the H20's energy efficiency ratio is approximately 0.37 TFLOPS/W, failing to meet the required 0.5 TFLOPS/W for energy-efficient GPUs [28]. - Given its lack of safety, technological advancement, and environmental compliance, the H20 chip is not considered a viable option for consumers [29][30].
玉渊谭天独家观察:美国如何给芯片安“后门”
Xin Lang Cai Jing· 2025-08-10 04:26
Core Viewpoint - Nvidia has stated that its chips do not contain "backdoors," specifically referencing the "Clipper chip" incident from the past [1][3]. Group 1: Historical Context - In 1992, AT&T introduced a hardware device for secure voice transmission, which led to government dissatisfaction and the introduction of the "Clipper chip" containing a "cryptographic backdoor" for government access [3]. - The "Clipper chip" faced widespread resistance and was terminated within three years, leading the U.S. government to adopt a more discreet approach regarding "backdoors" in technology [3]. Group 2: Current Legislative Actions - In May 2023, U.S. Congressman Bill Foster proposed legislation requiring U.S. chip companies to include "backdoors" in export-controlled chips, asserting that the technology is mature and feasible [4][6]. Group 3: Technical Feasibility of Backdoors - There are two types of backdoors: hardware and software. Hardware backdoors involve physical modifications during chip design, while software backdoors involve embedded instructions in software [6]. - The Nvidia H20 chip can theoretically implement a "remote shutdown" feature through its power management module, which could be triggered under specific conditions [6][8]. - Another method for a hardware backdoor involves modifying the H20 chip's firmware to restrict functionality based on certain conditions, such as geographic location [8]. Group 4: Software Ecosystem and Backdoors - The CUDA ecosystem, used by over 4 million developers, could potentially facilitate the activation of backdoors through software updates, allowing for tracking and data collection [9][11]. - The U.S. aims to maintain AI dominance through both hardware and software ecosystems, necessitating other countries to develop independent alternatives [11]. Group 5: On-Chip Governance Mechanism - The U.S. government has proposed an "on-chip governance mechanism" to coordinate chip design and production, which includes features like license locking, tracking, usage monitoring, and usage restrictions [12][14]. - Many leading chip manufacturers, including Nvidia, already possess the necessary functionalities for this governance mechanism, although some may not yet be activated [14]. Group 6: Concerns Regarding Nvidia's H20 Chip - The H20 chip is considered unsafe for China, as it lacks advanced features and has only about 20% of the performance of its standard counterpart, the H100 [17][20]. - The H20 chip's energy efficiency is approximately 0.37 TFLOPS/W, failing to meet the 0.5 TFLOPS/W standard set by China's green development initiatives [18][19]. - Given its lack of safety, advancement, and environmental compliance, the H20 chip is deemed a poor choice for consumers [20][21].
美国如何给芯片安“后门”
Hu Xiu· 2025-08-10 04:15
Core Viewpoint - Nvidia has stated that its chips do not contain "backdoors," specifically addressing the "Clipper chip" incident from the past [1][2]. Group 1: Historical Context of Backdoors - In 1992, AT&T launched a hardware device for secure voice transmission, which led to government dissatisfaction and the introduction of the "Clipper chip" containing a "backdoor" for government access [3][4][5]. - The "Clipper chip" faced significant resistance and was terminated within three years, leading the government to adopt a more discreet approach regarding "backdoors" [6]. Group 2: Current Legislative Developments - In May of this year, U.S. Congressman Bill Foster proposed legislation requiring U.S. chip companies to include "backdoors" in export-controlled chips [8]. - Foster, with a background in chip design, asserted that the technology to implement such features is mature and feasible [9]. Group 3: Technical Feasibility of Backdoors - There are two main types of "backdoors": hardware and software [12][20]. - Using Nvidia's H20 chip as an example, a hardware "backdoor" could be implemented through the power management module to enable remote shutdown capabilities [13][14]. - Software "backdoors" can be activated through updates to the CUDA ecosystem, which is widely used by developers globally [16][18]. Group 4: Implications of Backdoor Mechanisms - The "backdoor" mechanisms can facilitate tracking and remote disabling of chips, raising concerns about information security [19][23]. - The U.S. has developed a "chip governance mechanism" to coordinate chip design and production, ensuring control over AI chips [24][29]. Group 5: Concerns Regarding Nvidia's H20 Chip - The H20 chip, which is being exported to China, is considered unsafe due to its limited performance compared to the H100, with only about 20% of the overall computing power and a 41% reduction in GPU core count [33]. - The H20 chip's energy efficiency is also subpar, with a measured efficiency of 0.37 TFLOPS/W, failing to meet the required standards [37]. - Given its lack of advancement, environmental sustainability, and safety, the H20 chip is not seen as a viable option for consumers [40].