[badminton1]

Sounds good. But how do you exactly verify those claims? Again, you can't. You are back to square 1: trusting Microsoft acts in good faith and acts in your best interest.

[EpicEng]

How do you verify that a doctor is making the right call re how to treat your cancer? You either become a doctor yourself, or trust that they know what they're doing.

[badminton1]

And what if a doctor has a controversial reputation?

[EpicEng]

Then you can make a decision to go with another doctor. Are you questioning the reputation of the auditors, or just writing off MS across the board?

[badminton1]

You can have audit proof software that is completely secure. If you tamper the infrastructure, share keys, leave obscure backdoors, etc. it is not hard to come up with a NOBUS scheme.