Apple opens up Private Cloud Compute to security researchers, offers bug bounties up to $1 million

Apple has confirmed it will open up its Private Cloud Compute (PCC) system – a secure cloud platform built to support the iPhone maker’s Apple Intelligence features – to security researchers who think they can spot vulnerabilities in its code.

Through the release of a Virtual Research Environment (VRE) and select PCC source code, the security community can inspect and validate the company’s security and privacy features.

To incentivize the reporting of vulnerabilities and bugs, Apple will offer up to $1 million as a reward for the most serious instance.

Apple bug bounties

PCC is engineered to ensure sensitive data from Apple devices is processed without compromising user privacy by preventing any unauthorized third party from accessing it, including Apple itself. Initially, only select auditors and researchers had access to review the code, but now Apple is expanding access to public researchers.

Running on macOS Sequoia 15.1 Developer Preview, the VRE allows users to boot PCC releases, examine the software and modify or debug it. The virtual environment is meant to mirror the secure cloud accurately, helping researchers to investigate its architecture without interfering with the live product.

Arbitrary code execution with arbitrary entitlements are the most lucrative discoveries, worth a $1 million bounty from the company. Other rewards, set at $250,000, $150,000, $100,000 and $50,000 are also available.

Apple also committed to considering reports that don’t match the predetermined categories, saying it would, “evaluate every report according to the quality of what’s presented, the proof of what can be exploited, and the impact to users.”

“We believe Private Cloud Compute is the most advanced security architecture ever deployed for cloud AI compute at scale, and we look forward to working with the research community to build trust in the system and make it even more secure and private over time,” the company added.

Microsoft claims it found a major macOS security bug that could put all your data at riskCheck out the best cloud hosting providers and the best cloud computing servicesWant to protect your digital footprint? Consider using one of the best VPNs

Related posts

These are the companies using AI-driven dynamic pricing the most – and the top users probably won’t surprise you

Synology patches critical vulnerabilities, urges users to update devices against zero-click attacks

NYT Connections today — my hints and answers for Sunday, December 22 (game #560)

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More