Comment by jeffbee
3 hours ago
> Relying on local providers would be better for privacy
This is a massive leap. Switching to local providers can eliminate a lot of imaginary threats, but opens the door to a lot of real ones, since most service providers outside of the big clouds have extremely weak or non-existent countermeasures against insider threats.
The threat profile changes, sure, but framing all the threats imposed by using large-scale foreign clouds as "imaginary", and every threat introduced by local providers as "real", is very disingenuous.
> most service providers outside of the big clouds have extremely weak or non-existent countermeasures against insider threats.
Another claim that needs some citations, please.
Anyway, many of those concerns can be addressed by security regulations, hiring processes, etc - which, I would guess, is a pretty critical part of why the large-scale providers supposedly don't have such threats.
Also, this thread is talking about the effects of US companies having access to sensitive data that they're more than willing to hand over to the US government. In other words... there are 2 major insider threats at every US cloud provider, from the perspective of a foreign government: the company, and the US government. That's mostly what I was referring to with the privacy bit.