lol, confirmed, that opinion is straight trolling. X abandoned network transparency decades ago.

And why is that? Because they are using X11 directly and not a framework which abstracts that away.

Anything that AutoHotkey allows on Windows or even via Wine on X11. Global hotkeys and screen recording are just one of them. For example, picking information about windows -- or scanning their contents, not just "recording", for automating tasks for power users. Docking windows. Windows which rely on positional information of other windows for instance because they integrate (or overlay).

btw, I want it on all compositors and if one of them doesn't implement them, to be able to be flagged as "bad compositor, doesn't implement full specification" or whatever, not "oh this compositor just doesn't implement it because it's not required to". If the latter, it is a horrible situation and my entire gripe with Wayland.

Yeah like the namespaces which had a root privilege escalation via overlayfs right?

Exactly my point why you must always be cautious no matter how "secure" something is in theory.

I'm still here wondering why you think only Wayland and namespace exploits matter, while there cannot be exploits in the rest of the system's features you rely on with the circus you're doing to ensure "security".

As a general rule of thumb, defences should be layered to minimize the effect of potential exploits. As with a layered defence system any attack would have to bypass each layer before they can get at me.

If you rely on a single thing then anything that can bypass THAT single thing means you're screwed.

When did I say it's only Wayland? I never said Wayland is less secure than X, wtf. I just said its security is pretty minuscule in terms of importance (at least in my opinion obviously), especially since you should still be careful online (just like with X). But removing features in the name of such pseudo security (that's what I meant by pseudo) is a dumb move. I think it was a different thread where I said that if you want perfect security then unplug your internet connection, you won't have a lot of "features" and functionality but you'll be bullet proof.

There's just a middle ground between security and functionality and in my opinion Wayland is skewed too much towards security (on the other hand X is also skewed too much on functionality in this context, or lack of security, but if I had to pick between these 2 evils, I'd pick functionality).

When did you say also separating processes under different users can fail and you'd be screwed so it's also completely pointless "fake security"?
Because you pulled your utter insanity about killing applications and restarting them with a different user or somesuch like that was watertight when it's really not if you apply the same reasoning you apply to Wayland or namespaces.

None said you did, easy there on strawmans.

Which is the bullshit I'm shouting at, we are well past the point where "being careful" matters at all. The user cannot just tell if an application was compromised or not, and has never been in the last decades. You can maybe delude yourself, but you're posting bullshit and everyone here is reacting to that.

The entire security model based on the user trusting applications is bullshit and stopped working when the Internet became a thing. The security model for the modern world is not trusting anything by default.

Wayland is part of the future vision for Linux where applications will get sandboxed (like in Flatpack), and is crucial to keep the sandbox in place.

Wayland isn't even production-ready on flagship desktops like GNOME. You can say stuff was not implemented yet, but nothing was removed.
You know, when you build something you implement first the stuff that matters most, and leave secondary features for later.

I don't understand why you are treating Wayland as if it was a done thing you can freely use everyday. Do you actually know what you're talking about? Probably not, if you link articles that claim X11 still offers network transparency in 2018 (or even 2010).

Wayland compositors in major desktops are still unstable and don't offer more than basic functionality because they are not finished yet. Every sane person would prefer X11 (which works and is stable, albeit with an inferior design) at this point in time.

so, do all those program use x11? how to know which programs are full wayland compliant? thanks

I dunno, I think it's actually still possible to use Xorg in a properly network transparent way. You'd have to be running pure Xorg though and not a DE to avoid installing DRI3 and suchlike. If you're installing something like Gentoo, if you run startx before you install a DE you can get a very old-looking window environment I seem to remember. I think it's usable if you're so inclined i.e. you're a masochist or you think Windows 3.1 is a good looking GUI.

I find quite amusing all this focus on Wayland security even as the project Wayland has decided that we should use client-side decorations which are less "secure" than server-side decorations (which allow the server to display special for different security level (like Qubes OS do)).

That said does anyone know if this Wayland remote support will allow to display remotely only one window? That's very handy sometimes instead of having to display a whole desktop..

Oh my, I've seen so much tearing in my life. Heck I can get W7 to tear. But if I use Wayland and mpv wayland output I have no tearing.
Then I truely feel like I'm in the 21 first century.
And yes, I started using Linux in the 20th century.