IMO:
If you are a
target of the alphabet soup gang (FBI, CIA, NSA, DIA, etc., etc.), or the target of an individual or group with sufficient resources, possibly.
(Keep in mind that the only attack vector is not VS via the cloud. The machine itself could be compromised via a different app, or physical access.)
If you are
not a target of the above, which I think this thread is more about, then the concern would be a rogue employee.
Many here exclaim, "MS doesn't care what you're coding!" Or, "Your broker doesn't care about your trades!" Etc.
It's not the company you have to be concerned about, generally; it's an employee(s). They could be criminal-minded; or they could be compromised via quid pro quo from an outside individual, group, or agency having sufficient resources.
That's true, nobody cares unless you're coding something the rogue employee
does care about.
Suppose the employee is a would be day trader, and wants a successful system/algo/whatever. So he runs code that will search the MS cloud for VS projects containing certain keywords.
You know the rest.
Or suppose you've told your friend or family about your C# secret sauce. Suppose they blab this to their coworker, who happens to be connected to shady characters. In this scenario, you've, unknowingly, become a target.
High tech criminals exist. Otherwise honest high tech workers can be extorted, blackmailed, compromised, threatened, lured, poached, etc.
Stolen computer code helped a Tijuana-based biker gang steal 150 Jeeps
https://www.chicagotribune.com/busi...-computer-code-jeep-heist-20170602-story.html
Software engineer caught stealing code
https://www.enterprisetimes.co.uk/2017/04/17/software-engineer-caught-stealing-code/
Goldman Sachs Programmer Found Guilty of Stealing Code
https://www.wired.com/2010/12/aleynikov-guilty/
Former Tesla employee admits uploading Autopilot source code to his iCloud
https://www.theverge.com/2019/7/10/...gzhi-cao-xpeng-xiaopeng-motors-lawsuit-filing
