Nvidia chips hacked, fall victim to Rowhammer bit-flip attacks; here's how to secure the AI GPUs
Live Events
(You can now subscribe to our
(You can now subscribe to our Economic Times WhatsApp channel
A team of Canadian researchers has proved and demonstrated that Nvidia A6000 GPUs are vulnerable to Rowhammer bit-flip attacks , which can easily allow attackers to sabotage artificial intelligence models running on the widely used hardware of the tech giant. The attack, called GPU Hammer, was created by University of Toronto researchers Chris Lin, Joyce Qu, and Gururaj Saileshwar, and it may pose significant risks to AI usage. It is the first attack to show Rowhammer bit flips on GPU memories, specifically on a GDDR6 memory in an NVIDIA A6000 GPU According to the researchers, the attacks induce bit flips across all tested DRAM banks, despite in-DRAM defenses like TRR, using user-level CUDA code. These bit flips allow a malicious GPU user to tamper with another user's data on the GPU in shared, time-sliced environments. In a proof-of-concept, we use these bit flips to tamper with a victim's DNN models and degrade model accuracy from 80% to 0.1%, using a single bit flip.Rowhammer lets attackers alter or corrupt memory data by rapidly and repeatedly accessing a specific row of memory cells. This repeated hammering of selected rows causes bit flips in adjacent rows, turning digital zeros into ones or vice versa. So far, Rowhammer attacks have only been shown on memory chips used in CPUs for general-purpose computing.Reacting to the new research, Nvidia released a security notice saying that the fix is simple. The users just need to enable System-Level ECC , or error-correcting code. This simple setting creates a redundancy in the bits, so if one gets flipped, the system can automatically correct it before anything goes wrong.'For enterprise customer environments that require enhanced levels of assurance and integrity, NVIDIA recommends using professional and data center products (instead of consumer-grade graphics hardware) and ensuring that ECC is enabled to prevent Rowhammer-style attacks. This is enabled by default on the Hopper and Blackwell Data Center class of GPUs,' Nvidia said in a statement.When evaluating the risk, it's important to consider whether the GPU setup is single-tenant or multi-tenant. A Rowhammer attack between tenants can only be carried out if they access the GPU simultaneously.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
an hour ago
- Time of India
Microsoft launches AI-based Copilot Mode in Edge browser
Microsoft on Monday launched a new "Copilot Mode" on its Edge browser that uses artificial intelligence to improve the browsing experience, as the tech giant rushes to compete with rivals launching AI-based browsers and web search features. Copilot Mode can help carry out tasks, organize browsing into topic-based queries and compare results across all open tabs without requiring users to switch between them, Microsoft said. The update comes at a time when tech companies have rolled out several AI-powered online search tools. Nvidia-backed startup Perplexity AI launched its Comet browser earlier this month, while Reuters reported on OpenAI's upcoming AI browser. Rival Alphabet earlier this year launched " AI Mode ", an AI-only search feature on Google, and last week reported improvements in user engagement on such features. Microsoft said, under the new feature, users will see a page with a single input box combining chat, search and web navigation features. Copilot will also support voice navigation for browsing in Edge, the company added. The users will also soon be able to give Copilot permission to access additional browser context, such as user history and credentials, to take more concrete actions like making bookings or managing errands. Copilot will only be able to access browsing content when users enable it, and will provide visual cues to let users know when it is active in the background, Microsoft said. The feature will be available for free across Copilot markets in Windows and Mac PCs for a limited time and users can choose to opt out of it through Edge settings.
Time of India
an hour ago
- Time of India
Nvidia orders 300,000 H20 chips from TSMC due to robust China demand
Nvidia placed orders for 300,000 H20 chipsets with contract manufacturer TSMC last week, two sources said, with one of them adding that strong Chinese demand had led the US firm to change its mind about just relying on its existing stockpile. The Trump administration this month allowed Nvidia to resume sales of H20 graphics processing units (GPUs) to China, reversing an effective ban imposed in April designed to keep advanced AI chips out of Chinese hands due to national security concerns. Nvidia developed the H20 specifically for the Chinese market after US export restrictions on its other AI chipsets were imposed in late 2023. The H20 does not have as much computing power as Nvidia's H100 or its new Blackwell series sold in markets outside China. The new orders with Taiwan's TMSC would add to existing inventory of 600,000 to 700,000 H20 chips, according to the sources who were not authorised to speak to media and declined to be identified. For comparison purposes, Nvidia sold around 1 million H20 chips in 2024, according to US research firm SemiAnalysis. Nvidia CEO Jensen Huang said during a trip to Beijing this month that the level of H20 orders it received would determine whether production would begin again, adding that any restart to the supply chain would take nine months. The Information reported after Huang's trip that Nvidia had told customers it had limited H20 stocks available and it had no immediate plans to restart wafer production for the GPU. Nvidia needs to obtain export licenses from the US government to ship the H20 chips. It said in mid-July it had been assured by authorities that it would get them soon. The US Department of Commerce has yet to approve those licenses, one of the sources and a third source said. Nvidia on Monday declined to comment on the new orders or the status of its license applications. TSMC declined to comment. The US Commerce Department did not immediately respond to a request for comment. Nvidia has asked Chinese companies interested in purchasing Nvidia H20 chips to submit new documentation including order volume forecasts from clients, said one of the sources and a fourth source. Key product in US-Sino trade war The Trump administration said the resumption of H20 sales was part of negotiations with China over rare earth magnets - elements essential for many industries and which Beijing had limited exports of as trade war tensions escalated. The decision drew bipartisan condemnation from US legislators who are worried that giving China access to the H20 will impede US efforts to maintain its lead in AI technology. But Nvidia and others argue that it is important to retain Chinese interest in its chips - which work with Nvidia's software tools - so that developers do not completely switch over to offerings from rivals like Huawei. Before the April ban, Chinese technology giants including Tencent, ByteDance and Alibaba substantially increased H20 orders as they deployed DeepSeek's cost-effective AI models as well as their own models. The popularity of Nvidia products in China, despite the advent of rival, albeit less powerful, offerings from Huawei, has been underscored by a boom in repair demand for its other banned GPUS - many of which have been smuggled into the country. After the April ban on H20 sales, Nvidia warned that it would have to write off $5.5 billion in inventories, while Huang told the Stratechery podcast that the company also had to forgo $15 billion in potential sales.
Time of India
5 hours ago
- Time of India
Nvidia places huge order of its most powerful AI chip in China but why it may not meet demands
Nvidia has reportedly placed a significant order for H20 chipsets with contract manufacturer Taiwan Semiconductor Manufacturing Company (TSMC) last week. News agency Reuters report that this move signals a change in strategy, citing sources as saying that strong Chinese demand has prompted Nvidia to increase production rather than solely rely on its existing stockpile. The report said that Nvidia has ordered TSMC to manufacture 300,000 H20 chips that will add to the US chipmaker's current inventory of 600,000 to 700,000 H20 chips. For context, US research firm SemiAnalysis estimates Nvidia sold approximately 1 million H20 chips in 2024. Nvidia has also reportedly requested that Chinese companies interested in purchasing the H20 chips submit new documentation, including client order volume forecasts. Why Nvidia's latest H20 AI chip order for China is important Firstly, this order comes after the Trump administration reversed an effective April ban earlier this month, allowing Nvidia to resume sales of its H20 graphics processing units (GPUs) to China. The initial ban was implemented to restrict advanced AI chip access to Chinese entities, citing national security concerns. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Pierce Brosnan's Wife Lost 120 Pounds - This Is Her Now Undo Crucially, Nvidia requires export licenses from the US government to ship these H20 chips. While the company stated in mid-July it had received assurances from authorities regarding expedited approvals, the US Commerce Department has yet to officially approve these licenses, according to multiple sources cited by Reuters. Nvidia specifically developed the H20 for the Chinese market following broader US export restrictions imposed on its more powerful AI chipsets like the H100 and the new Blackwell series, which are sold in other global markets. Nvidia CEO Jensen Huang had previously stated this month during a visit to Beijing that the decision to restart H20 production would hinge on order volumes, noting that reactivating the supply chain would take about nine months. Prior to the April ban, major Chinese tech firms including Tencent, ByteDance, and Alibaba significantly increased their H20 orders, deploying them for cost-effective AI models like DeepSeek's, as well as their own. AI Masterclass for Students. Upskill Young Ones Today!– Join Now
