Hi Brendan,
Right, it fundamentally isn't possible to prevent someone like AWS from snooping on what the server is doing. However, we can make it difficult, at least, by encrypting data at rest, especially with fine-grained encryption. This doesn't solve everything, but would force the provider to go well out of their way to snoop, rather than be able to pick things up passively. As Jake points out, we'd like to implement better fine-grained encryption eventually, but for now you will need to rely on full-disk encryption underneath Sandstorm.
With all that said, you should probably only run Sandstorm on infrastructure providers you trust. Many people run Sandstorm on a physical machine that they keep in their home, for example.
End-to-end encryption is great but solves a different set of problems from Sandstorm. If your app is fundamentally a point-to-point messaging system, then you can use e2e, and there are plenty of great apps to use for this without the need to run your own server. But for any use case that involves multiple parties collaborating on a common data set, the server probably needs to understand the content, thus e2e just doesn't work.
-Kenton