Apple has announced the launch of a “revolutionary cloud intelligence system” called Private Cloud Compute (PCC) designed to process artificial intelligence (AI) tasks in a way that preserves privacy in the cloud.
The tech giant described PCC as the “most advanced security architecture ever deployed for large-scale cloud AI computing.”
What does Apple’s revolutionary PCC project consist of?
CCP coincides with the arrival of new, collectively called generative artificial intelligence (GenAI) capabilities Apple Intelligenceor AI for short, which the iPhone maker has presented in its next generation of software, including iOS 18, iPadOS 18 And macOS Sequoia.
All Apple Intelligence features, both those that work on the device and those that rely on PCC, use generative models interns trained on “licensed data, including data selected to improve specific functionality, as well as publicly available data collected by our web-crawler, AppleBot.“
With PCC, the idea is basically to push complex requests that require more processing power to the cloud, while ensuring that data is never stored or exposed to third parties, including Applea mechanism the company calls stateless computing.
The architecture supporting PCC is a custom-built server node that combines Apple silicon, Secure Enclave, and Secure Boot against the backdrop of a hardened operating system specifically designed to run Large Language Model (LLM) inference workloads.
How users’ personal data will be protected
According to Apple, this not only presents a “extremely small attack surface“, but it also allows you to leverage code signing and sandboxing to ensure that only authorized and cryptographically measured code is executable in the data center and that the user’s data does not leave the boundaries of the trust perimeter.
“Technologies such as Pointer Authentication Codes and sandboxing work to resist such exploitations and limit an attacker’s horizontal movement within the PCC node“, has declared the company, later adding that: “The inference control and dispatch layers are written in Swift, ensuring memory safety, and use separate address spaces to isolate the initial processing of requests.”
It’s not all: “This combination of memory safety and the principle of least privilege removes entire classes of attacks on the same inference stack and limits the level of control and capability that a successful attack can achieve.”
PCC will also have other security measures in terms of privacy
Another notable security and privacy measure is the routing of PCC requests through an Oblivious HTTP (OHTTP) relay operated by an independent party to hide the origin (i.e. IP address) of the requests, effectively preventing an attacker from using the IP address to correlate requests to a specific individual.
It’s worth noting that Google also uses OHTTP relays as part of its initiative Privacy Sandbox and for Safe Browsing in Chrome Browser to protect users from visiting potentially harmful sites.
Not just Apple, other experts’ opinion on PCC
Apple also said that independent security experts can inspect the code running on Apple silicon servers for privacy issues, adding that PCC cryptographically ensures that its devices do not communicate with a server unless the software has been publicly registered for inspection.
“Each Private Cloud Compute production software image will be published for independent binary inspection — including the operating system, applications and all relevant executables, which researchers can verify against measurements in the transparency registry“, the company said, adding: “The software will be released within 90 days of inclusion in the registry, or after relevant software updates are available, whichever comes first.“
The GPT model “invades” PCC
In addition to Apple Intelligence, there is an integration with OpenAI’s ChatGPT in Siri and system writing tools to generate text and images based on prompts provided by users, with Apple highlighting privacy protections built into the process for those who choose to access the virtual assistant.
Regarding this Apple said: “Their IP addresses are obscured, and OpenAI will not store the requests,” Apple said. “ChatGPT’s data usage policies apply to users who choose to link their account.”
Apple Intelligence, which is expected to be generally available later this fall, will be limited to iPhone 15 Pro, iPhone 15 Pro Max, and iPad and Mac with M1 and later, that have Siri and the device language set to American English.
Some of the others new privacy features introduced by Apple include options to lock and hide specific apps behind Face ID, Touch ID, or a passcode; allow users to choose which contacts to share with an app; a dedicated Passwords app; and a revamped Privacy & Security section in Settings.
According to MacRumors, the Passwords app also includes a setting to automatically upgrade existing accounts to passkey; also, Apple replaced the switch Private Wi-Fi Address for Wi-Fi networks with a new setting Rotate Wi-Fi Address to minimize tracking.
#PCC #Apple #project #artificial #intelligence
