This is one approach to improving. Apple has recently challenged everybody in the world who thinks has enough coding knowledge, offering a bounty of up to $1 million for successfully hacking its servers, now strengthened with AI. The tech giant aims to improve its security posture by getting some outside help, blatantly asking participants to find their way inside their Private Cloud Compute (PCC) system.
The PCC server powers many of Apple’s AI-driven features, including those in iOS 18.1. Apple has released detailed technical documentation and even shared portions of the server’s source code to facilitate security research. Still, breaking in may not be an easy task. However, the rewards are many, and succulent.
The company has outlined a tiered reward system, with payouts ranging from $50,000 to $1 million, depending on the severity of the vulnerability discovered:
- If you’re able to hit upon “accidental or unexpected data disclosure due to [a] deployment or configuration issue”, you’ll get $50,000.
- Moving up the chain, if you can “execute unattested code”, you’ll get $100,000.
- Gaining “access to a user’s request data or other sensitive information about the user outside the trust boundary” gets you $150,000, while access to sensitive information about the user’s requests outside the trust boundary gets $250,000.
- Finally, if a hacker is able to pull off “arbitrary execution of code without the user’s permission or knowledge with arbitrary entitlements”, they’ll be awarded $1,000,000.
By incentivizing ethical hacking, Apple hopes to identify and address potential security risks before malicious actors can exploit them.
*Cover image credit: Antoni Shkraba
[H/T] Fortune