My intention of writing that comment was different, it was my mistake, so I correct and rephrase it. I think from a cybersecurity perspective.
Imagine a future where there are many players in the cloud training business. These players have the chance to retrieve de LLM model and since this could be a high stake business that is dangerous. I underastand that currently cloud players can observe everything that happens in their clouds including secret information and this is not happenning but it could not be "Google" by themselves but an inside job.
I'm not sure this will ever be a solved problem. If it's in your threat model to worry about such things, you necessarily need to have your own servers, in a secured physical location you control. No amount of attestation and auditing will allow you to overcome that sort of threat. For the most part, I believe audit logs and severely restricted permissions provided to employees greatly disincentive the chances of an inside job occurring successfully.
Imagine a future where there are many players in the cloud training business. These players have the chance to retrieve de LLM model and since this could be a high stake business that is dangerous. I underastand that currently cloud players can observe everything that happens in their clouds including secret information and this is not happenning but it could not be "Google" by themselves but an inside job.