by ForHackernews 2075 days ago
If you're truly paranoid, you can certainly encrypt data in RDS with keys that you have and Amazon doesn't.

But yes, the rest they expect us to take on faith. Or trust some boilerplate in their ToS (written by their lawyers, to absolve them of liability).

2 comments

Yes, and you could do anything else that you want with your app. However, if your application is hosted on their servers you are just a traditional user from their perspective. And as the old adage goes, if you own the server, you own the user.

There is an implicit assumption, that the code that you push is actually the same one that is being run on the VM, in your statement. This brings me back to the point I was trying to make in the parent comment.

The encrypted traffic will be the traffic Amazon will be most interested in, since you took the trouble; they won't peek into the DB but they will be able to infer lots about what's going on if they want. It's the Tor Paradox.