Cloud Provider Trust

Why do you believe non-American cloud providers aren't compromised?

Unless it's your own cloud, don't trust it with the crown jewels.

Smoke and mirrors. As long as they remain subsidiary of AWS in US no level of protection will be sufficient.MS tried same with their Azure.This BS on another level.

What popular cloud providers are vulnerable?

Perhaps we need more certainty than just "think"?That AWS don't boast that they are not susceptible to this suggests that perhaps at least some of their setup is?

Just like you have to trust AWS/Azure and any SAAS service in existence.

Absolutely. If you go by the marketing, all of aws staff is now potentially working for you when you use aws. You could say this means if any of the aws employees is compromised, so are you.As a contractor, all my code goes through a code review from one of the employees. I only have access to the development environment (even qa is off limits except the publicly available stuff). It is all on azure though. I think it is fine for must work done by peons like me.I once used an application t

That certain services can't yet be moved to AWS is not an an indicator AWS is compromised. Several services, for example the payments infrastructure, are subject to regulations that make it challenging to implement _at all_, much less in a shared environment like AWS. Again, this is not an argument that AWS is compromised, and teams at Amazon are absolutely using AWS.

All the more reason to not rely on the cloud provider itself as your security vendor, I suppose...

It's gonna depend on your threat model ultimately. Hard to imagine running on AWS if you don't trust them though.