[endogui]

> Sure but there's probably provable ways to look for hidden stuff as well unless they are sending empty data.

Isn't this equivalent to the halting problem? Even with source code, there is a chance the compiler was compromised. In practice, these devices are closed source, so you would need to verify all the possible code paths.

Moreover, we know that NSA coerced phone companies into exposing metadata. What is the probability NSA has not requested backdoors of Amazon, Google, and the like?

[kristopolous]

I don't think it is however there is an unprovable element here in that it's difficult to prove absence. However, depending on implementation it may not very difficult to demonstrate presence! If you run the basic tests and there's clearly a substantial difference between the two you're done. If there isn't, you need to dig deeper.

This is just the nature of indirect observation. People in the natural sciences deal with this problem all the time.