Skip to main content

Apple will pay up to $1M to anyone who hacks its AI cloud

Apple's Craig Federighi speaking about macOS security at WWDC 2022.
Image used with permission by copyright holder

Apple just made an announcement that shows it means business when it comes to keeping Apple Intelligence secure. The company is offering a massive bug bounty of up to $1 million to anyone who is able to hack its AI cloud, referred to as Private Cloud Compute (PCC). These servers will take over Apple Intelligence tasks when the on-device AI capabilities just aren’t good enough — but there are downsides, which is why Apple’s bug-squashing mission seems like a good idea.

As per a recent Apple Security blog post, Apple has created a virtual research environment and opened the doors to the public to let everyone take a peek at the code and judge its security. The PCC was initially only available to a group of security researchers and auditors, but now, anyone can take a shot at trying to hack Apple’s AI cloud.

Recommended Videos

A lot of Apple Intelligence tasks are said to be done on-device, but for more complex demands, the PCC steps in. Apple offers end-to-end encryption and only makes the data available to the user to ensure that your private requests remain just that — private. However, with sensitive data like what AI might handle, be it on Macs or iPhones, users are right to feel concerned about the potential of the data leaving their device and ending up in the wrong hands.

Apple's Craig Federighi discussing Apple Intelligence at the Worldwide Developers Conference (WWDC) 2024.
Apple

That’s presumably partly why Apple is now reaching out to anyone who’s interested with this lucrative offer. The company provides access to the source code for some of the most important parts of PCC, which will make it possible for researchers to dig into its flaws.

The $1 million bounty is not universal. That’s the highest reward for the person or the team who manages to run malicious code on the PCC servers. The next-highest bounty sits at $250,000 and covers exploits that might allow hackers to extract user data from Apple’s AI cloud. There are also smaller rewards, starting at $150,000, which will be paid out to anyone who accesses user data from a “privileged network position.”

Apple’s bug bounty program has previously helped it spot exploits ahead of time while rewarding the researchers involved. A couple of years ago, Apple paid a student $100,000 for successfully hacking a Mac. Let’s hope that if there are any bugs to be found in Apple’s AI cloud, they’ll be spotted before Apple Intelligence becomes widely available.

Monica J. White
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
Apple Mac Mini M2 vs. M1: don’t make a buying mistake
Apple Mac Mini M1 sitting on a desk.

Apple's new Mac Mini M2 promises better performance and features at a lower price. But with the next-gen machine now out and making the rounds, you can score a deal on a last-gen Mac Mini M1. Which should you buy?

With the same external design and similar port selection, the Mac Mini M2 looks like an internal-only upgrade to Apple's mini desktop. There are some significant differences compared to the M1 model, however, and they can make a huge difference in performance.
Pricing

Read more
The M1 has a major security loophole that Apple can’t patch
Apple M1 processor on a mainboard.

Researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a new security vulnerability that targets Apple's popular M1 processor. The attack, dubbed PACMAN, is capable of bypassing the last line of defense against software bugs on the M1 and potentially other ARM-based processors.

PACMAN attacks pointer authentication, which is the final stop for most software vulnerabilities. Pointer authentication confirms that a program hasn't been changed in any malicious way, serving as a "safety net ... in the worst case scenario," as MIT PhD student Joseph Ravichandran put it. MIT's researchers developed PACMAN as a way to guess the pointer authentication signature, bypassing this critical security mechanism. Researchers say PACMAN exploits a hardware mechanism, so a software patch won't be able to fix it.

Read more
Companies are already planning to one-up the M2 — including Apple
Mac Mini sitting on desk.

Apple just announced the M2 processor for the 2022 MacBook Air and 13-inch MacBook Pro. Now, a new report suggests that Apple is already working on a more powerful Pro version that should enter production later this year. More importantly, it reportedly will use a faster, more advanced manufacturing process.

An M2 Pro chip will enter mass production later this year, 9to5Mac reports . The report says the new chip will use chipmaker TSMC's 3nm manufacturing process, unlike the base M2 that's based on 5nm. A smaller node means Apple can squeeze more transistors on the chip and improve performance.

Read more