Apple has unveiled a new bug bounty challenge, offering rewards up to $1 million for anyone who can expose vulnerabilities in its Private Cloud Compute (PCC) servers, set to support its upcoming Apple Intelligence service. This initiative, announced Thursday, aims to bolster security as Apple prepares for the official launch of the AI-powered service next week. Although most Apple Intelligence processing will occur on personal devices, some requests will be handled by PCC servers, which must be fortified against cyber threats to protect user data.
To promote transparency and invite broad participation, Apple has provided researchers with a Private Cloud Compute Security Guide, detailing PCC’s authentication methods and privacy measures. A Virtual Research Environment (VRE), accessible to anyone attempting the bounty, allows users to explore PCC’s software in a secure Mac-based virtual setting. Apple has also shared PCC’s key source code components on GitHub for public review.
Apple encourages researchers to submit any significant vulnerabilities impacting PCC, promising rewards based on the quality of the findings, proof of impact, and potential risk to users. More details on submission guidelines can be found on the Apple Security Bounty page.
#MaltaDaily