Apple has confirmed it will open up its Private Cloud Compute (PCC) system – a secure cloud platform built to support the iPhone maker’s Apple Intelligence features – to security researchers who think they can spot vulnerabilities in its code.
Through the release of a Virtual Research Environment (VRE) and select PCC source code, the security community can inspect and validate the company’s security and privacy features.
To incentivize the reporting of vulnerabilities and bugs, Apple will offer up to $1 million as a reward for the most serious instance.
Apple bug bounties
PCC is engineered to ensure sensitive data from Apple devices is processed without compromising user privacy by preventing any unauthorized third party from accessing it, including Apple itself. Initially, only select auditors and researchers had access to review the code, but now Apple is expanding access to public researchers.
Running on macOS Sequoia 15.1 Developer Preview, the VRE allows users to boot PCC releases, examine the software and modify or debug it. The virtual environment is meant to mirror the secure cloud accurately, helping researchers to investigate its architecture without interfering with the live product.
Arbitrary code execution with arbitrary entitlements are the most lucrative discoveries, worth a $1 million bounty from the company. Other rewards, set at $250,000, $150,000, $100,000 and $50,000 are also available.
Apple also committed to considering reports that don’t match the predetermined categories, saying it would, “evaluate every report according to the quality of what’s presented, the proof of what can be exploited, and the impact to users.”
“We believe Private Cloud Compute is the most advanced security architecture ever deployed for cloud AI compute at scale, and we look forward to working with the research community to build trust in the system and make it even more secure and private over time,” the company added.
More from TechRadar Pro
- Microsoft claims it found a major macOS security bug that could put all your data at risk
- Check out the best cloud hosting providers and the best cloud computing services
- Want to protect your digital footprint? Consider using one of the best VPNs