Re: "Ever heard of "build from source" ?"
On hardware you don't fully control?
I am not advocating for $_CLOUD. I am merely saying $_CLOUD is folly, because you do not know what is running where, where your data is stored, if and where it is copied to ... granting customers full access is dangerous, because they can get firmware that can bork the system .... only a matter of time until that happens.....
While it is true you should not blindly trust anybody, if you don't trust anything and anybody, you'll end up not trusting yourself too.
Now, one moment, logical fallacy, here, sir. I trust myself. I know I will never be 100% certain that a certain piece of hardware in my data center, manufactured to open designs, running open firmware that I compiled and flashed onto it will run exactly as intended, sure.
But compare that to closed hardware, with closed firmware, I even grant you running a partially open OS (GNU/Linux with binary blob drivers), running on a third party system somewhere, where others may have access to the underlying hardware, because multiple customers happen to use instances on one same physical system to which we are all given full access to the OS running ( in our instance ) ... folly, I tell you, folly. Ever heard of break out of sandbox vulns ?
Even closed hardware, with closed firmware in my data center cannot be trusted not to leak data. Sure, no other choice now, but the minute open hardware that is shipped with open firmware and that performs reasonably well, I will jump ship in no-time, as any sensible person would.
We should always strive for perfection.
In short:
1. $_CLOUD is utter folly
2. Closed hardware/firmware/software is folly*
3. Closed hardware/firmware with partially open OS (GNU/Linux with binary blobs) is better
4. Open hardware, running open firmware and software (free of binary blobs) in your data center is as close as you can get to perfection. You can vet, or have vetted, each and every line of code that gets compiled and run.
You can say compiler could be 0wned, sure, but that could potentially happen to any and all.
You can say manufacturer could add a backdoor with some hidden ROM firmware somewhere, but that could potentially happen to any or all as well. And you can check the chips on the board, if need be.
Why you are preferring a far less trusted system is beyond me. You can say what you want, open stuff is better than closed stuff - like Democracy, with freedom.of information act, is better than USSR.
* Cf article on this site about Dutch authorities kicking Microsoft who REPEATEDLY denied copying sensitive data to servers in the US, even when faced with the evidence. Even MS does not know what Windows and Office are doing.
* Intel ME, anyone ?