I have an Accessibility install need with security concerns needing a workaround and hardware issues advice , help requested

Hi. I hope you all had a safe and peaceful last couple of days.

I’d be grateful of your help with the following issue, please.

Ubuntu Version:
Example: 22.04 LTS,
Desktop Environment (if applicable):
Example: GNOME,

Problem Description:
I have an accessibility need to install speech recognition software. I used Dragon Naturally speaking for 20 years on Windows. It was private and safe. It didn’t upload or take your data for ai training against your will. Now microsoft have made it a data stealing online only program, which is a shame for all as it was great for many needing it and accessibility software shouldn’t require giving up personal data to use.

So, now I have moved fully to Ubuntu and need speech recognition software. I have seen there is SpeechNote. You can use it offline, which is what I need and want. My privacy concern is that is asks for the below permissions. Why does it want these? They are unnecessary. Why does it want to access my videos and music??? and documents??! (see the cut and paste from terminal listing the permissions below my questions)
It makes me feel it is wanting to steal data for unrelated purposes.
My question is how can i install it whilst protecting my data?
Can i wall it in? I am still a linux beginner and don’t understand how the file systems work yet, incl xdg.
I am wondering… If i install an additional linux os on this laptop and keep it just for speech recognition (even a different linux version if required), using it offline, then moving the documents across to my main system whilst offline, would that keep my data safe, or would the way the filesystems work mean the program could read files in all my linux installs in this laptop?
Is there a different way to wall it in, via using user permissions that would work? (the same issue about my lack of file system understanding applies here).

Additionally my graphics card is not mesa vulkan compatible. I use llvm pipe with Studio one. I know most current speech recognition software is utilising nvidia. Is there a way i can use the largest speech recognition libraries without mesa vulkan?

Thank you.

List of permission Speech Note wants as stated in the terminal:

net.mkiol.SpeechNote permissions:
ipc network fallback-x11 pulseaudio
wayland x11 devices file access [1]
dbus access [2]

[1] xdg-config/kdeglobals:ro, xdg-desktop, xdg-documents, xdg-download,
    xdg-music, xdg-videos
[2] com.canonical.AppMenu.Registrar, org.freedesktop.Notifications,
    org.kde.KGlobalSettings, org.kde.StatusNotifierWatcher,
    org.kde.kconfig.notify, org.kde.kdeconnect

Hi laken, welcome

Short answer: Speech Note is not stealing your data. What you’re seeing is the Flatpak permission model, which is designed to limit access, not expand it.

• Speech Note is sandboxed by Flatpak. It cannot access your whole system.
• Access to Documents, Music, Videos, etc. is limited to your own user folders only, not the entire disk.
• These permissions are common defaults for desktop apps and do not imply data upload or AI training.
• There is no hidden access to other Linux installs or users.

How to lock it down further (recommended)

Install Flatseal:

sudo apt install flatseal

Then:

• Disable access to Documents / Music / Videos if not needed
• Disable network access to force fully offline use
• Keep only audio + display permissions

This gives you far more control than Windows ever did.

About installing a second Linux OS

It would isolate things, but it’s unnecessary. Flatpak + Flatseal already provides strong isolation without the complexity of multiple systems.

About graphics / Vulkan

Speech Note and common offline engines (Vosk, Whisper CPU) do not require Vulkan or NVIDIA. They work on CPU only (LLVMpipe is fine, just slower).

Summary:
Flatpak is already “walled in”, Flatseal lets you tighten it further, no second OS is needed, and offline speech recognition works without Vulkan.

Accessibility should never require sacrificing privacy — you’re absolutely right to question it.

Thank you for the welcome and also very much for your full reply and the clarity and thoughtfulness of it MesterPerfect.
My concern first stemmed from reading it was marked as possibly unsafe on flathub. (please see screenshots)
I really appreciate your comments and information and recommendation to use flatseal.

So much trust has been lost through the actions of theft of data and creative ip, and likenesses, and use of our private data for surveillance. It’s an escalating concern.

Screenshot from 2025-12-27 18-08-431920×1080 285 KB

Screenshot from 2025-12-27 18-09-011920×1080 220 KB

sudo apt install flatseal

I’m curious as to how that would install flatseal as it’s not in the Ubuntu repos.

Since I have the flathub repo installed I tried to install it through flathub it would seize up gnome-software and I would have to force quit and restart the PC.The only way I could install flatseal was through the manual method as suggested on flathub.

Speech Note saves and imports plain text files, so it may need access to your documents. I haven’t gotten into the text-to-speech, but it might be similar with the audio files.

Thank you for sharing that, laken — your concerns are completely understandable.

The “possibly unsafe” label on Flathub usually doesn’t indicate malicious behavior. Most often it means the app is community-maintained, requests broader default permissions, or hasn’t gone through extra manual verification yet. It’s a transparency warning, not an accusation.

The key point is that with Flatpak, you don’t have to rely on trust alone. Using Flatseal, you can:

• Disable network access entirely
• Restrict or remove access to Documents, Media folders, etc.
• Run the app fully offline

That ability to enforce boundaries is one of Linux’s strengths. Given the current climate around data misuse, your caution is both reasonable and justified.

Thank you very much again. This is good to know that being marked as possibly unsafe oon flathub is not flagging up programs that are concerning, but instead it’s about being transparent about the access they have, which is always a very good thing.

Exactly — that’s correct
The “possibly unsafe” label on Flathub is about transparency of permissions, not a warning that the application is malicious.

If you feel the explanation you received has answered your question, it would be great to mark that reply as the solution. That helps future users with similar privacy and accessibility concerns find a clear, reliable answer more easily.

thanks. i would like to be able to mark 2 of your replies as the solution, but it doesn’t seem that that’s an option. I’ve marked one of the 2.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.