They have 100% hypervisor access. To give them zero knowledge, you need full homomorphic encryption which is impractical at this point (and likely for a while).
You may trust them not to abuse hypervisor access, but they still have network “meta” data - it could tell them how many transactions clear against credit processors (though not the actual amounts if encrypted), a good idea general distribution of page views With respect to time and user ip (though not the exact pages), times of day, demographics of users (Geo locations and ISPs, for example)
If you don’t trust them not to peek at what they can, don’t use them. He is perfectly right.
There are other cloud providers who aren’t competing with B&H and would be a better choice. But amazon is a direct competitor to B&H, even if they do have an IT barrier - they cross subsidize; any $ paid to Amazon helps it against B&H.
You may trust them not to abuse hypervisor access, but they still have network “meta” data - it could tell them how many transactions clear against credit processors (though not the actual amounts if encrypted), a good idea general distribution of page views With respect to time and user ip (though not the exact pages), times of day, demographics of users (Geo locations and ISPs, for example)
If you don’t trust them not to peek at what they can, don’t use them. He is perfectly right.
There are other cloud providers who aren’t competing with B&H and would be a better choice. But amazon is a direct competitor to B&H, even if they do have an IT barrier - they cross subsidize; any $ paid to Amazon helps it against B&H.