Apple is offering a reward of up to $1 million to anyone who can hack into a new set of AI-focused servers for Apple Intelligence, which is scheduled to launch next week.
Apple will test the security of its “private cloud computing,” a server that receives and processes user requests for Apple Intelligence when AI tasks are too complex for on-device processing on an iPhone, iPad, or Mac. This is what researchers are asking.
To address privacy concerns, Apple designed its private cloud computing servers to immediately delete user requests once the task is complete. Additionally, the system has end-to-end encryption, so Apple cannot reveal user requests made through Apple Intelligence, even though it controls the server hardware.
Still, Apple is calling on the security community to scrutinize privacy claims about private cloud computing. Cupertino started with a select group of researchers, but on Thursday opened its doors to interested members of the public.
Apple provides access to the source code for key components of Private Cloud Compute, giving researchers an easy way to analyze the software aspects of the technology. The company has also created a “virtual research environment” for macOS that can run its Private Cloud Compute software. Another useful tool is a security guide that provides technical details about the company’s server systems for Apple Intelligence.
“To further encourage research into private cloud computing, we are expanding the Apple Security Bounty to include bounties for vulnerabilities that demonstrate a violation of PCC’s fundamental security and privacy guarantees,” the company said. added.
Rewards include $250,000 for finding a way to remotely hack Private Cloud Compute and expose user data requests. Apple is also offering $1 million to anyone who can remotely attack a server and execute malicious computer code with privileges. Security research that reveals how to attack private cloud computing from a “privileged network location” will receive a lower reward.
Editor’s picks
Apple says it will consider bounties for reported vulnerabilities “even if they do not match the published category.”
“We believe that private cloud computing is the most advanced security architecture ever deployed for large-scale cloud AI computing. “We look forward to building trust with customers and making them even more secure and private over time.”
Like what you’re reading?
register to security watch A newsletter that delivers the top privacy and security articles straight to your inbox.
This newsletter may contain advertisements, deals, or affiliate links. By subscribing to our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe from the newsletter at any time.
About Michael Kang
senior reporter
