During the keynote of Apple WWDC 2024 last night, amidst the unveiling of the Apple Intelligence services, Apple acknowledged the need to send some data to the cloud for better processing efficiency beyond what the device chips can handle. However, Apple is striving to maintain privacy closely akin to on-device processing through Private Cloud Compute, a cloud computer specifically designed for secure processing.
Private Cloud Compute (PCC) operates in a stateless manner where user data, such as chat messages requiring responses or personal documents needing summaries by Large Language Model (LLM), is immediately deleted once sent to PCC and processed data is sent back to the user. Devices accessing Apple Intelligence on the cloud request the public key of PCC first and encrypt data before sending it directly to the servers. Apple’s internal devices, like load balancers, do not have access to user data.
For processing large data requiring disk storage, Secure Enclave generates new disk encryption keys every boot without storing them, thus wiping PCC disk data every boot as it is encrypted with the keys that disappear after each boot cycle.
Server security begins with a secure supply chain where potential hardware attacks before delivery are tough and easily detectable. Manufacturers must photograph high-definition images of servers before leaving the factory and seal them in tamper-evident packages. Upon arrival at Apple’s data centers, hardware abnormalities are checked against factory images.
From a software perspective, Apple plans to make every PCC version publicly accessible for security research, with each build logged in an append-only database, accessible for download within 90 days. Researchers can use these images in the PCC Virtual Research Environment.
TLDR: Apple revealed the need for cloud data processing while ensuring privacy by using Private Cloud Compute for secure processing and making PCC versions public for security research.
Leave a Comment