Apple Opens Private Cloud Compute to Third-Party Security Inspection

Apple is fulfilling its promise of transparency by allowing independent security experts to inspect its Private Cloud Compute architecture, providing tools and resources for in-depth analysis.

25-10-2024 06:32

On October 24, Apple took a big step forward in transparency by opening its Private Cloud Compute (PCC) to external security audits. Initially introduced in July as part of Apple Intelligence, PCC processes cloud-based Siri queries with a focus on security and privacy. Apple assured users it would allow third-party inspection of the service’s security — and is now delivering on that commitment.

In a blog post titled “Security research in Private Cloud Compute,” Apple announced that it has provided security researchers and independent auditors with early access to PCC resources. This includes the Virtual Research Environment (VRE), a unique platform that mirrors PCC’s architecture. The VRE allows researchers to explore key PCC components, including how user requests are authenticated, routed, and protected from potential threats. Apple also released a Private Cloud Compute Security Guide to outline the architecture’s design and offer technical insight into its defenses against data breaches and other forms of attack.

The VRE goes beyond typical security access, incorporating a virtual Secure Enclave Processor and using macOS’s support for paravirtualized graphics. While the VRE includes some minor modifications for local operation, Apple confirms that it replicates PCC's core environment, allowing auditors to evaluate it effectively.

Apple has also made the source code for essential PCC components available for limited inspection. Under a specialized license, researchers can analyze the CloudAttestation project for constructing PCC node attestations and the Thimble project, a daemon that works with CloudAttestation to verify transparency in data handling.

Enhanced Security Bounty Program

To encourage comprehensive security audits, Apple is extending its Apple Security Bounty program to cover PCC. Researchers can earn rewards starting at $50,000 for issues like accidental data leaks due to configuration errors. Top rewards, reaching up to $1 million, are reserved for those who can demonstrate code execution vulnerabilities within PCC. Apple states that any security issue with significant PCC impact, even if outside standard categories, will be eligible for a potential award.

In the blog post, Apple underscores PCC’s importance in pushing privacy standards in AI and cloud computing, asserting that PCC’s security architecture “is the most advanced ever deployed for cloud AI at scale.”
