if that 'safer' replacement is a) worse to use and b) lacks features people are used to having, then there will be a lot of people who will be very unhappy.

That said, how is wayland doing with multi-window applications these days? Was an unholy mess not too long ago. Any progress on that front?

ok, but what if every application is wayland? would it still be able to send key inputs to more than one app at the same time?

Wayland isn't capable of it. Whether one of the compositors will implement that capability despite Wayland or whether one of them already has I don't know.

So I got my hopes up and just built the stable Plasma release from portage on Gentoo. And damn it, the Wayland session is still so buggy it's unusable. I don't see how a third of gamers could possibly be using it right now. It's unbearable.

They are using a Valve curated version of it. Prolly it's better.

Afaik it's only possible for XWayland applications. Security!

why else would someone invent imaginary security vulnerabilities when there are plenty of real ones to worry about?

I don't ignore your arguments, I refute them. There's a world of difference between the two. This is also the second time you've declared that you're going to quit the argument so I doubt it. In my experience this is usually a sad attempt at trying to get the last word in and if you still reply to them, they'll reply again trying again to get the last word in.

Again with the "Well my personal experience is all there is and anything counter to it is wrong by definition" nonsense? Yes, you work for a negligent company. That's sadly quite common. But you can't insist that the personal experiences of one person, yourself, are somehow representatives of the world at large and companies you've clearly never worked for. Google's always tried to be somewhat on top of things in terms of security. Microsoft was kinda bad at it back in the 90s and early 2000s, but have taken major steps forward in that regard.

I don't put software that's commonly used on a pedestal. If it's bad, it's bad no matter if it's got 5 or 5 million users.

You've had your face shoved into proven and working X.org exploits multiple times in this thread. You're literally hanging this all on the argument that nobody's used these maliciously, so there's no problem. The "Its not unsafe until someone is killed" logic I keep pointing out to you is complete and utter bunk.

I directly addressed it by pointing out that contrarians and sourpusses like you rejected it because coming from Canonical it was too "proprietary", reality denial on its security failings and failing to gain marketshare doesn't automatically mean its not better than it was trying to replace. Gave you an example of this you couldn't refute.

Again, I addressed by pointing out that successful attacks have been chains of exploits for 20 years already. X.org has a history of bugs that allow for privilege escalation, file access and arbitrary code execution. Often in the exact same exploit. Wayland is designed not to allow for these kinds of catastrophic failures and as a result it hasn't had these kinds of exploits. The lack of X.org-like failures speaks for itself and proves your pathetic "Its true because I say so"-argument wrong.

What best practices? Says the person whose knowledge of actual attacks is 20 years out of date and talks about SQL injection attacks like it's the late 90s.

FYI; In 2024 SQL injection attacks are a concern only to the truly incompetent.

You do realise you're describing yourself there? Acting like you know better than experienced professionals with decades of experience because it doesn't fit your narrative.

Again, you're describing yourself there. Insisting that your opinions that go contrary to what people far more credible than either of either of us as somehow "facts" for no discernible reason except believing yourself to be some kind expert. When you're just some random anonymous schmuck on the internet.

I doubt it...

Aah yes... Because everything is imaginary if you stick your head in the sand hard enough.

FYI; In just the last decade X.org has had 37 code execution, 11 privilege escalation, 30 denial of service, 2 authentication bypasses and 5 information leak vulnerabilities and those are just the ones with registered CVE's.

yet for some reason you prefer to sweep under the rug that the last few all came from xwayland.

Gnome - no, not really. Enlightenment is much snappier under wayland. Unfortunately development appears to have stalled, and there are some corner-case bugs still with wayland support. But it's very noticabely more smooth - eg more fluid animations, more instant responses to inputs.