[marcuspovey]

That is the rub of course.

Self hosting is somewhat better, if nothing else because it presents a much less tempting target, and it is a privilege currently only available to the technical.

Well implemented strong encryption is another avenue.

[icebraining]

Even with self-hosting, there's a lot of third-party hardware and software that you have to trust.

[marcuspovey]

Absolutely, but it changes the economics substantially in your favour.

[rdl]

Especially if you design everything about individual components being potentially either backdoored or just buggy, and make it hard for failures to lead to successful outside penetration or inside data exfiltration. It doesn't help if everything is compromised fully, but if some things are not, they can usually block or at least detect problems. Defense in depth, and all.