Last Updated:
Apple has set up a big rewards program for researchers who can fully access the back end of its AI servers and check for issues
Apple is asking researchers to check for issues with its AI servers
Apple is really confident about the security of its new AI server platform, so much that it is willing to offer Rs 8 crore if anyone can find issues with its servers. The company has started a bug bounty program for its Private Cloud Compute that is the system powering its Apple Intelligence features.
These programs help companies outsource their security efforts to a wider audience and if they manage to find anything troublesome with the PCC, Apple will reward them up to $1 million (Rs 8.3 crore approx) for their discoveries.
Allowing third-party researchers to investigate the PCC platform shows Apple is confident about its robust infrastructure and privacy standards that will keep the data secure. The company is also accepting that if people do find major issues that can break its systems, they will be handsomely rewarded for their skill, time and effort.
Apple Intelligence Security Program: What It Includes And How Much Reward Offered
Apple has explained the program in detail and the official post sheds more light on what issues the company will consider for the bug bounty:
Accidental data disclosure: vulnerabilities leading to unintended data exposure due to configuration flaws or system design issues.
External compromise from user requests: vulnerabilities enabling external actors to exploit user requests to gain unauthorised access to PCC.
Physical or internal access: vulnerabilities where access to internal interfaces enables a compromise of the system.
Apple AI Bug Rewards
Remote attack on request data:
– Arbitrary code execution with arbitrary entitlements – $1,000,000 (Rs 8.3 crore approx)
– Access to a user’s request data or sensitive information about the user’s requests outside the trust boundary – $250,000 (Rs 2.10 crore approx)
Attack on request data from a privileged network position:
– Access to a user’s request data or other sensitive information about the user outside the trust boundary – $150,000 (Rs 1.26 crore approx)
– Ability to execute unattested code – $100,000 (84 lakh approx)
– Accidental or unexpected data disclosure due to deployment or configuration issue – $50,000 (Rs 4.20 lakh approx)
Apple has rolled out the first AI update in the form of 18.1 version for iPhone users this week. The new Siri works if you set the device to the US English as the default language. Apple’s busy week continues with the new M4 iMac launch and more expected in the next few days.
