What is private computing cloud?

Private cloud compute is a new service introduced by Apple designed specifically for processing AI privately. It runs on a new operating system that uses a hardened subset of iOS, leveraging Apple's industry-leading operating system security work. Here are some key features and aspects of private cloud compute:

1. Privacy and Security:

   • It omits features that are not strictly necessary, such as persistent data storage, to mitigate privacy risks.
   • The tools used to manage servers are designed to prevent privileged access, such as via remote shell, which could allow access to user data.

2. Machine Learning Stack:

   • It includes a full machine learning stack that powers intelligence, providing a secure foundation based on Apple silicon.

3. Security Measures:

   • Secure enclave protects critical encryption keys.
   • Secure boot ensures the OS is signed and verified.
   • Trusted execution monitor ensures only signed and verified code runs.
   • Attestation enables a user's device to securely verify the identity and configuration of a private cloud compute cluster before sending a request.

4. End-to-End Encryption:

   • Each request establishes an end-to-end encrypted connection with a private cloud compute cluster. Only the chosen cluster can decrypt the request data, which is not retained after the response is returned and is never accessible to Apple.

5. Transparency and Inspection:

   • Apple commits to making virtual images of every production build of private cloud compute publicly available for inspection by security researchers, with findings rewarded through the Apple security bounty.
   • A user's device will only communicate with private cloud compute clusters running a signed build that has been publicly logged for inspection, verified with strong cryptographic attestation mechanisms in Apple silicon.

For more details, you can refer to the Platforms State of the Union session.