Comment by janalsncm

7 days ago

If Apple is running the inference from Apple iPhones and Apple data centers then Apple has operational control. Google’s influence ends the moment they hand the weights over to Apple.

39 comments

janalsncm

Reply
impulser_  6 days ago

They are using Google Cloud.

https://security.apple.com/blog/expanding-pcc/?linkId=100000...

"Now, we are collaborating with Google and NVIDIA to run new Apple Intelligence workloads on Google Cloud, extending our industry-leading PCC privacy commitments to third-party data centers for the first time."

  • btown  6 days ago

    Per that link: I think there's an interesting question about whether a nefarious actor who's infiltrated a cloud provider with physical access to machines that are running signed operating systems, with signed binaries, with TDX remote attestation, and with hardware supply chain verification, has the ability to break the privacy guarantees of a tenant with Apple's sophistication.

    Certainly, one could tamper with the hardware, but could one do it in a way that wouldn't get that machine immediately flagged, removed from the routing pool, and told to wipe its memory immediately, by a watchtower (perhaps even the routing layer itself) that runs in a separate secure Apple datacenter?

    • Cassell  6 days ago

      Those datacentres would be in the same position of trust as a VPN provider in that the data must be unencrypted at points in the process.

      They could be making it very safe, and the things apple says they are doing would make it as safe as possible, but as a user there is no way of verifying the claims.

      3 replies →

    • rasz  6 days ago

      >nefarious actor who's infiltrated a cloud provider

      Google is buying that compute from xAI aka Musk

    • RobMurray  6 days ago

      Apple could simply be ordered to include a hardware backdoor, and legally be prevented from talking about it. Everything else in the architecture could work exactly the way they claim in the PCC paper.

    • SoftTalker  6 days ago

      Why bother with all that cloak and dagger stuff when they can just buy the data? You believe Apple and/or Google isn't selling it? I have some land in Florida I'd like to talk about.

      10 replies →

  • materielle  6 days ago

    That’s not so special, though? There’s a difference between Google infra running Google services.

    Versus any F500 company running their services on GCP.

    It’s a bit whacky to think about because Apple will operate Google owned software on GCP. But it should be sandboxed just the same.

    I’m not making a normative privacy argument here. Just pointing out that this is cloud business as usual. Perhaps it’s interesting Apple is doing it, but basically everything else is already using either AWS or GCP at this point.

    • airstrike  6 days ago

      I think the difference is scale. This is Apple, so it's an enormous amount of devices. And it's a seamless experience, to the user, going from local model to cloud models.

      So the question about which model Apple was going to use and where has been highly anticipated, especially by the likes of OpenAI and Anthropic. Imagine if either one could say they have Apple as their customer?

      Apple certainly has the cash to burn if they wanted to train their own model, but it also always seemed out of their core competency. This is a major win for Google.

      So "business as usual" but with huge implications for the AI ecosystem in general.

      1 reply →

  • Someone  6 days ago

    Google Cloud, but, the way I read it, not Google’s AI offerings. They, basically, hire Google servers to run their software on it.

    They also (claim to) ensure those servers run only software they have approved to run on it.

    (Part of their software are models derived from Google Gemini, but that’s orthogonal to this)

    • fauigerzigerk  6 days ago

      >(Part of their software are models derived from Google Gemini, but that’s orthogonal to this)

      You're right that it is orthogonal to the privacy promises Apple makes to its own users.

      The moralistic and righteous undertone in their marketing material is questionable though given that these Apple services might not exist if Google didn't exploit Gemini app user data on Android the way it does.

      That's fine with me. Users have a choice here. In fact, it's a big improvement over the search deal with Google where Apple sends its own users directly to Google.

  • huslage  6 days ago

    They are not _only_ using Google Cloud. They continue to build and invest in their own datacenters. It's not a binary choice.

  • dofm  6 days ago

    That is news — I guess not very surprising that they'd need more data centres than before.

    But again there is no Apple-to-Google transfer in the inference in the sense of the comment I was originally replying to (I am not suggesting you're implying otherwise, obviously)

    But I stand happily corrected where I said they aren't in the picture at all.

    That is an interesting press release because it outlines what they would have had to do with any data centre they were outsourcing to.

    • impulser_  6 days ago

      This is probably why Google had to rent compute from SpaceX. They needed to free up NVIDIA GPUs for Apple so they probably moved internal workloads to SpaceX compute.

      1 reply →

  • ezfe  6 days ago

    iCloud already uses Google Cloud, so that still doesn't change the operational boundaries of where data goes

  • LoganDark  6 days ago

    I hope they are still using PCC hardware rather than running private data through third-party servers.

dofm  7 days ago

Right — I suppose I mis-phrased my first sentence a bit, because I guess it can be interpreted as me saying the boundary is blurred, when what I was trying to write is: in operation there is nothing crossing any boundary; Google are not in the picture.