Bug Bounties

Apple Unveils Virtual Research Environment, Bounty Program for PCC

binary code and magnifying glass

Apple has been gearing up for the launch of its proprietary Apple Intelligence AI system this week with the unveiling of a Virtual Research Environment for testing the security of its Private Cloud Compute platform, as well as a new bug bounty program for PCC, reports SC Media.

Such VRE, which is a first for an Apple platform, could be leveraged by cybersecurity researchers to extensively assess PCC software releases, according to Apple, which has also ensured public availability of the PCC components on GitHub.

"The VRE includes a virtual Secure Enclave Processor (SEP), enabling security research in this component for the first time – and also uses the built-in macOS support for paravirtualized graphics to enable inference," said Apple. Apple has also introduced an up to $1 million reward for the discovery of remote code execution flaws in PCC.

Bounties of $250,000, $150,000, and $100,000 will also be provided for the identification of remote attacks enabling request or sensitive data access, attacks from a privileged network position, and vulnerabilities allowing unattested code execution, respectively.

You can skip this ad in 5 seconds