[carlosfvp]

At least someone can review the code, but is this enough to trust them? I am talking about the people who really worries about their files on cloud storage services.

[notyourwork]

It is not enough as this does not assert they are executing this code and not a modified version.

[Roritharr]

How would one go about asserting that?

Lately I've spent some time contemplating how to establish trust in cloud services, this particular nut I haven't been able to crack yet.

[netsharc]

Interesting problem, right? Not an expert in the area, but blockchain implementers say they solve this issue. Afaik then there isn't one trusted party, but anyone can compile and run the code and be a provider (and be paid), and a single untrustworthy party won't bother because his chances of compromising the user's data is small.

[akjainaj]

Whatever they release, there is no way to prove that that is the code that is actually running on their servers.