With the expansion of its bug bounty program, the tech giant Apple welcomes researchers to test its Private Cloud computing (PCC) system. The company also offers rewards for people who detect vulnerabilities in their latest AI features.
Amidst the launch of much-awaited Apple Intelligence, Apple’s enhanced AI system by next week, the company is implementing ways to detect any security flaw in the upcoming system. Apple invites researchers to detect vulnerabilities in AI functionalities and even offers a reward of up to $100,0000.
Apple claims the AI features will run directly on Macs and iPhones, but is still planning to send requests to PCC servers that utilize Apple silicon and new operating systems for more difficult requests. PCC will store the AI requests securely while they are being processed in the Cloud.
Handling difficult requests involves vulnerabilities including cyber attacks and hacking, thus an efficient and improved system becomes mandatory. Apple has already implemented measures to prevent prone risk, however, inviting participants to detect issues substantiates how important the new Apple Intelligence is. The creation of the Private Cloud Compute system, exclusively to run Apple Intelligence features was announced at the Worldwide Developer Conference held in June.
The Private Cloud Compute system, that are going to be accessible to researchers for testing, has already undergone several scrutinies by security researchers and third-party auditors. This strategy not only helps the company detect issues if any but also helps to enhance the trust with the system. According to Apple PCC is the most refined security architecture ever built for cloud AI computers.
To improve the effectiveness of the detection process, the company has provided researchers with a private cloud computing security guide revealing the technical aspects of the PCC server including the request authentication process, software inspection procedure, and security design.
In addition to the guide, Apple also provides a ‘Virtual Research Environment’ to analyze the security features of PCC within the Mac. It allows software release inspection, download of the released files, boot of any release in the virtual environment, etc. The source code of certain key components is available on GitHub. With the expanded bug bounty program, Apple aims to resolve issues in PCC configuration, user exploitation, and unauthorized internal interface access.
Apple always stands on the front foot when it comes to privacy and it’s most anticipated
AI features can’t compromise enhanced privacy. Apple Intelligence was planned to launch with Apple 16, however, the delay signifies the company’s diligence in improving performance to stand out from the rest of the industry. According to reports, Apple Intelligence will be featured with iOS 18.1 which is expected to be officially released by the end of October.
The AI feature won’t be accessible automatically after downloading iOS 18.1 a user must manually join the waiting list to access the service. Apple Intelligence will only be available in the latest devices including iPhone 16, iPhone 16 pro, iPhone 16 pro max, iPhone 15, iPhone 15 pro, iPads, and Macs.
The breakdown of reward details
Apple plans to give different ranges of amounts to researchers according to the relevance of the issue detected.
$5000 will be given to people who detect deployment or configuration issues. Executing new uncertified codes will be rewarded with $100,000. If a researcher detects sensitive user details outside PCC will be given $150,000. Finding user request information outside the trust boundary will be rewarded with $250,000. Detecting random execution of code without the user’s knowledge will be awarded $1000,000.
Any detection other than the above-listed category will also be considered for rewards if found applicable, promises Apple. The company will evaluate the detected issues and find their relevance before a reward gets sanctioned.
