
Remotely detecting if the server is not compromised when you don't trust the physical surroundings is probably unsolvable. If your attackers are very motivated and have lots of resources, what's to prevent them from installing a RAM bus signal analyzer during a scheduled/unscheduled downtime? This would be pretty hard to detect (absent an elaborate video monitoring setup), as a good analyzer should not impact the system being monitored.



Hardware Security Modules (HSMs) are supposed to be able to resist that kind of attack, but given we currently have a duopoly of fairly government (US and EU/UK) connected HSM manufacturers, and their devices aren't suitable (price and capabilities) for general purpose computing, we're kind of out of luck.

A Free/Open HSM design would go a long way, along with more host-based trusted computing security (Intel SGX, etc.). But just physically controlling the surroundings is probably the only feasible option today.


Intel? It's alleged that Intel is in on it! Any NSA-proof solution must be based on chips designed and fabbed outside the US.


Because chips fabbed in China would never be compromised?


Sure, they might be, but what do I care what the Chinese govt knows about me? They're 10,000 miles away and I have no foreseeable plans to travel there. My own government, who I want to be free to criticize when they do something I disapprove of, that's something else.



