If you manage to infect your systemd unit list which requires root privilege and give it a permission to run on boot I don’t think it’s an attack vector anymore its one’s stupidity. Systemd is the furthest thing from an outside attack. Someone might poison your bashrc and its more possible than someone inserting a malicious unit file and asking you to run.

I think the awesomeWM has the status bar you’ve described.

Clear victory

GOA or Gnome Online Accounts basically pings the target site that has the requested WebDAV and IMAP(for the calendar, events, tasks and email). Which occurs between every 10 to 15 minutes. Every ping GOA makes contains Browser Agent information. In that case, it’s GOA instead of a browser. It contains simple information like which distribution and its version are you using. Since it’s running under the Gnome, the desktop environment name can be extracted as well. However, GOA is a standalone application that can be used on Cinnamon, MATE, and XFCE. So that part is pretty useless. But when the Google Drive is used, it is mounted to your disk with GVfsd. It has to send every action you make to that directory to Google since the directory is not physically mounted .