> what we're concerned with is Apple itself misusing our data in some way… and it’s in fact an unsolvable solution as long as their server side code is closed source (or otherwise unavailable for self-hosting as binaries)
It is in fact a solvable problem. The binaries are indeed available for self hosting in a virtualized PCC node for research purposes.[1] Auditors can confirm that the binaries do not transmit data outside of the environment. There are several other aspects of the architecture that are designed to prevent user data from leaking outside of the node’s trust boundary, for example TLS terminates at the node level and nodes use encrypted local storage so user data is unreadable to any other node / part of the organization.
That is a lot of mumbo-jumbo but what it boils down to is that you cannot run the PCC on your own hardware; you can download some "components" whose hash matches the supposed "transparency log" they publish (and some demo models) but since I can't go into my iPhone to say "set PCC server ip: 192.168.1.42" and see it work, I don't trust it (and it cannot be trusted).
[1] https://security.apple.com/documentation/private-cloud-compu...