I am running Debian on Qubes OS, I use gnome-calculator on a vault
domain (a VM without any network device) because I though it does not
need Internet or data/files from another domain. So without any
knowledge I was protecting myself from this privacy leak...
Maybe Debian should adopt a strong policy about what packages should
have Internet access and what does not... All packages not supposed to
have Internet access will be blocked by firewall or a similar approach
(probably some kind of whitelist).