Comparing this to an OpenGL extension is disingenuous at best.
OpenGL extensions are... extensions, you can do without them (when they are introduced anyway) and it will be fine. If everyone uses them they get selected and integrated in core OpenGL spec and become mandatory.

Note how (vendor-created) extensions become mandatory AFTER everyone uses them, not AT INTRODUCTION.

EGLStreams is mandatory at introduction (for NVIDIA hardware) while only NVIDIA uses it. Yes it is technically generic and therefore better than CUDA or NVsomething API for media acceleration that can only be used by NVIDIA hardware, but it's still something none asked for and none else is using or even planning to use.

It's taking more than a fucking decade to migrate everything to Wayland already, if someone starts fondling with core components of the system again when will the Year of the Linux Desktop come?

@starshipeleven
People should really stop thinking that "the Year of the Linux Desktop" is linked to any kind of technical change on the GNU/Linux side. The necessary and sufficient conditions for "the Year of the Linux Desktop" to happen is having more compatible software and (much) more computers sold with Linux preinstalled.
This is a purely commercial issue; it has nothing to do with technical changes. GNU/Linux distributions are already superior to Windows/macOS technically but technical superiority is nothing in a capitalist world compared to commercial supremacy.

No there is a required set of technical changes and they require Wayland to come common deployed.



This here talks about removing the security off UAC dialog on windows. Hang on you can screen shot the Linux desktop password dialogs without having todo something. Yes worse you can keylog what ever is input into them under X11. This gives the Linux desktop using X11 a lot lower security rating than Windows or OS X.


Next this is Australian government if you are going to deploy a Linux desktop. Notice first item "Application whitelisting" OS/X and Windows have this built in. GNU/Linux desktops don't and it third party that may not may not work right.

So lots of GNU/Linux distributions are not Technically superior to Windows/macOS due to these areas.

GNU/Linux is close to being always technically better but its not quite there yet. Once it is always technically better than it comes down what you said. While we have these technical weakness lot deployments are off the cards. Problem is a lot of the places that these technical limitations will prevent from deploying Linux desktops are also places that set mandatory to use software on end users and if they only can use Windows or OS/X this is exactly what they force on everyone.

Windows and OS X position is not just commercial while those faults/features are not fixed/provided on the Linux side out the box.

Organization already uses Linux in production. I am using it in production at work. Yes, some things can be improved but saying that Windows is more secure than Linux is absurd. The attack we had at work targeted only Windows and mac workstations ; Linux workstations were safe and are the only one that are allowed for internal use without anti-malware protection. Linux can be improved but there is no technical imitation blocking its adoption. You can do all the security/technical improvements you want, Linux will NOT become the reference desktop OS, because this is NOT the reason why Linux is not dominating the market. You should really go out of your world of programs and look at the real world of money.
We do not live in a technocratic utopia but in a real capitalist world. What we need to do (apart if we consider changing political/economic system; which I would like) is to convince companies that using/supporting Linux is good for their profit. We need commercial, monetary arguments, not advanced technical discussion on security relatively to some potential attacks that barely ever happen in the Linux world and absolutely no one with an MBA would be able to understand.

So you are a place that already allows Linux desktops.

What I am saying might seam absurd but its the reality. Organisation that have security tiering in there desktops have checklist of features that must be there to use the desktop at different security tiers.


Notice here at cern Windows is for the Hardened PC as in the secure ones. Linux and OS X is only for the non hardened.

The missing features are causing Linux Desktops not to get into the top tiers of different organisation desktop. Its the top tier that normally set the software policy on everything else.

[QUOTE=ALRBP;n1148981The attack we had at work targeted only Windows and mac workstations ; Linux workstations were safe and are the only one that are allowed for internal use without anti-malware protection.[/QUOTE]

Lets say you company policy says you have to deploy real-time malware protection.

Simple you install clamav maybe add a few extra signatures turn on the on access scanning feature. This fairly much turns out to be like tits on bull. But its not a barrier to Linux deployment any more. Its not an arguement that someone who wants to make desktop management simple by reducing OSs can use or going to make deploying Linux more expensive.

This is wrong. To be the reference desktop OS in many organisations you have to get to the top security tier. We are basically down to 2-3 missing features causing Linux not to be able to tick the checklist off to be a top security tier desktop..

1) Application whitelisting. Third party applications that do this for Linux cost more than a Windows license in lots of cases. We need something like clamav in this class. So this box can be ticked cheaply at this stage.
2) Unified Central management freeipa is getting close. Same here the cost of the closed source to manage Linux desktop computers centrally also end up costing more than a Windows license.
3) information leakage issues on the desktop. Wayland stuff mostly fixes this. But we do need more applications to use wayland directly. There are commercial third party add on to X11 that cost 400 USD a seat to address this problem so over twice the price of the Windows license and cause lots of X11 programs to crash.


The problem I have these missing security features patching them over with closed source solutions directly effects the real world money cost of deploying Linux desktops to the point they are not competitive on money let alone the lack of applications problem at times.


Get it we need these security features to make it possible in more cases to make the arguement that using Linux is good for their profit. Without fixes to these problems there are many cases where LInux Desktops are not good for company profit. Problem here to come the defacto standard in a company you need solution to work at all security tiers in business without being classed as major problem or with major costs todo that. Currently Linux desktops are not doing that.

There are some technical things blocking the Linux Desktop that cost a arm and a leg to work around using closed source third parties.

X11 issues can be mitigated if you don't care that roughly 80 percent of all X11 applications don't work any more. So its not that X11 cannot be mitigated its more that mitigated X11 comes very much you have thrown the baby out with the bath water in the process. Or you have like xwayland under wayland that you can sandbox the hell out of.

Thanks to this article, I took it upon myself to try KDE with Wayland on my laptop with an Intel iGPU on Kubuntu 19.10... Yeah, it definitely still has some ways to go. Krunner (think alt-F2 or alt-spacebar) tends to stop working after a few uses... Once Krunner stops working... The K menu (the application launch menu) stops working.

There's weirdness with maximizing windows and then de-maximizing them...

That said, the desktop never crashed on me once. The few applications I tried ran fine and were stable. I watched some YouTube videos through FireFox (which I'm pretty sure is running through XWayland), konsole, dolphin, etc were just fine. Tbird (which I'm also pretty sure is running through XWayland) also gave me no trouble.

Interestingly, moving windows around in Wayland and X (with kwin compositing) is about equally as smooth for me, but window resizing is a lot nicer under Wayland.

I think KDE support for Wayland should be a lot further along than it is... However, I'm still more happy with the state than I am unhappy, for whatever the hell that is worth.

One thing that REALLY annoyed me... No middle click pasting! I'm used to not having it whenever I have to use Windows or Mac OS... But in KDE, I just expected it to be there. Ah well.

How can you seriously list theoretical Linux security limitations while practice has proved Linux to be much safer than Windows ? I do not care about yours lists, most people do not care about that. The fact is that Linux is more secure than Windows, no matter how many theoretical limitations you may find. When organizations are attacked, the targets are Windows machines, not Linux ones.
Also, the average desktop user do not care about all that stuff and is very happy to not have to pay for an anti-malware like one Windows, so why is him not using Linux ?
One of the reason is no preinstalled Linux and the other is the same as for companies : the lack of compatible software. (and the difficulty of the change itself)
For servers, Linux simply dominates. For super-computer, it has no effective competition.

that's absurd. Wayland is not the thing, the compositor is the thing. A compositor could just as well use any other display protocol and the end user would never know a difference. Except maybe if the chosen display protocol was more complete than Wayland, in which case they would probably notice faster progress towards being fully featured.

Problem is these limitations its like why are business patching CVE numbers that we know at totally bogus as well. Why are business patching bogus CVE numbers because patching CVE numbers is written in the PCI DSS standard so you do so you can do business with those systems.

Application whitelisting, Unified Central management and information leakage prevention is also part of these different standards. Yes PCI DSS does not in fact agree with X11 because X11 does not have the require means to isolate data. The other two also link to standards at well businesses are required to conform to at different times.

Not true on that Linux is targeted quite a bit these days. Windows is still more commonly targeted but the Linux ones are not 100 percent safe.

Horrible reality is your average desktop user does not fund 90% of your software development. Its your enterprise customers who are paying the money that runs most of the development.

This is a double side. The 3 issues I listed means Linux desktop cannot be used every where and meet contractual requirements. If you are going to pay for software to be development and you want to keep it as cheep as possible in the current setup the money for development will go in the direction of Windows software.

This is the chicken and egg.

You want compatible software. Enterprise funds development of software. Enterprise choose to fund(by purchase or coding themselves) for software they can run in all desktop tiers. Now you have problem my list of 3 means compatible software development is not getting as much funding as it could get if they were addressed.


One of the things that in fact got Linux the dominance in servers was Selinux from the NSA. Since you can set selinux up and meet all your security requirements for 90 percent+ of servers to meet contractual requirements like from PCI DSS. Large percentage of Microsoft Windows servers in web servers is because its hard to make Linux meet some of these standard contractual requirements. Yes one of the ones why windows still has market share is there is a standard effecting servers in particular field that say whitelist of applications is required.

So to take out the last 20% of web servers that are windows servers requires address some security features to get about half of that. The other half is software issues.

These security limitations cause contract limitations that basically say you cannot use X software because you will be in breach of contract if you do. This does not factor in how secure or lack of secure the software really is. If a contract said you had to run Multics or some other odd ball OS and you could be legally screwed but you could also argue discrimination and win. One way to avoid discrimination is just provide list of feature the OS has to have to be acceptable to contract still has the same effect of contract locking out Linux.

Basically its not a question is Windows or Linux more secure. Its more a question can I use Linux or Windows equally well setup and not end breaching any contract obligation I may have signed. More secure is a bonus. Currently Windows wins this hand and we need to change that. Hopefully to one cay that is a breach of contract to be using Windows instead of the current where its breach to contract at times to be using the Linux Desktop.