Just bought a Linux pre-installed laptop with the specific goal of maximising privacy/anonymity (in preparation for a full transition away from google/Microsoft etc). I chose to trust Mullvad VPN and only Mullvad VPN with my IP address. I downloaded Tutanota flatpack software then uninstalled when I figured I would be increasing the risk of IP address leakage if the killswitch fails. Soon later, the killswitch failed and I found the Tutanota software was somehow still on my PC (I got notified when I got mail and found in the .var files).
I am now considering setting up a new email address which cannot be traced to my IP address, unless my reasoning turns out to be flawed as I know little about this stuff?
(Extra question of course is how to set-up an OS-level vpn killswitch for when Mullvad fails, if anyone has an answer for that)
when you do remote Flatpak installations (importat bit being remote) then of course, to establish a connection the server will get your IP Address. Flathub is where you’ll usually be downloading software from, but they don’t really do much with that information.
Either way, when using something like a VPN, you should not have to worry about that information as Flathub (or another remote) would only see the IP Address of your VPN, not your personal IP.
Additionally, local flatpak installations from a file do not have this issue unless they need extra dependencies that are downloaded from the internet (if not already installed)
Thank you. But do you know if I install a flatpack using the VPN, would the server be sent my actual IP address merely through my VPN killswitch not working for a few minutes while browsing the web?
No, apps installed through Flatpak work exactly the same as non-flatpaks. For example, running Firefox as a Flatpak won’t let Flathub.org know that you’re using it, or when. Only during installation or updates.
Hmm. But if the flatpack application in question provides notifications in the tray, it indicates there is constant traffic between my PC and the application. Hence, wouldn’t the IP address leak in the moment of a killswitch failure?