X.Org Server & XWayland Hit By Four More Security Issues

  • #31
    Originally posted by Danny3 View Post
    Even if there will be discovered 10, 100, 100 more security issues, I bet people will still use Linux Mint!
    And not only use it, but, they will even defend it!
    Anyway, people who care about their privacy and security used modern and Wayland-favoring desktop environments like KDE Plasma or Gnome and distros that support them properly.
    So congratulations to them.
    As for Linux Mint users and of other distros that don't support modern desktop environments, they have made their bed.
    Mint now has an experimental Wayland desktop for Cinnamon. Considering that they have only recently started working on it, it's surprisingly functional.

    Comment


    • #32
      Originally posted by ReaperX7 View Post
      It took good developers off X, and allowed too many lazy developers to take over Wayland.
      Except of course that Wayland is being developed by exactly those "good developers" that have previously worked on X and that left X precisely for working on Wayland instead. So what is it? Are they good or are they lazy?

      Comment


      • #33
        Wow... This is almost too good.

        Comment


        • #34
          Originally posted by kpedersen View Post

          In X11, the mechanism for this kind of access restrictions is via Xauthority and the MIT-MAGIC-COOKIE. Just like Wayland, programs can only capture the screen if you give them permission (i.e. PipeWire)
          Mmm... are you sure? I mean... MIT-MAGIC-COOKIE seems more for connection authorization, not for framebuffer access. AFAIK, framebuffer (and other resources) access was limited with the Security Extension ( https://www.x.org/releases/X11R7.6/d.../security.html ), but some programs (like Google Chrome) don't like it and won't work with it enabled... and even worse: in the case of Chrome, it was marked as "won't fix" ( https://issues.chromium.org/issues/41211255 )

          Comment
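
The Xauthority record format behind MIT-MAGIC-COOKIE-1, parsed as an added example (not part of any post in this thread): each record holds only a display selector and a secret, with no field describing what a connected client may do, which is the connection-versus-resource distinction raised in #34. The sample bytes, the `audit` checks and all function names are constructed for illustration.

```python
import struct

# Address-family codes defined in X11's X.h / Xauth.h.
FAMILIES = {0: "Internet", 6: "Internet6", 256: "Local", 65535: "Wild"}

def _u16(blob, pos):
    if pos + 2 > len(blob):
        raise ValueError("truncated record at offset %d" % pos)
    return struct.unpack_from(">H", blob, pos)[0], pos + 2

def _field(blob, pos):
    """Read a 2-byte big-endian length, then that many bytes."""
    n, pos = _u16(blob, pos)
    if pos + n > len(blob):
        raise ValueError("truncated record at offset %d" % pos)
    return blob[pos:pos + n], pos + n

def parse_xauthority(blob):
    """Decode every record: family, address, display, scheme, secret."""
    entries, pos = [], 0
    while pos < len(blob):
        family, pos = _u16(blob, pos)
        address, pos = _field(blob, pos)
        display, pos = _field(blob, pos)
        scheme, pos = _field(blob, pos)
        data, pos = _field(blob, pos)
        entries.append({"family": FAMILIES.get(family, str(family)),
                        "address": address.decode("latin-1"), "display": display.decode("latin-1"),
                        "scheme": scheme.decode("latin-1"), "data": data})
    return entries

def audit(entries):
    """Flag records a defender would want to review; never returns the secret."""
    findings = []
    for i, e in enumerate(entries):
        if e["scheme"] != "MIT-MAGIC-COOKIE-1":
            findings.append((i, "scheme is not MIT-MAGIC-COOKIE-1"))
        elif len(e["data"]) != 16:
            findings.append((i, "cookie is not 128 bits"))
        if e["family"] == "Wild":
            findings.append((i, "entry matches any host"))
    return findings

def _rec(family, *fields):  # builds the constructed sample records below
    return struct.pack(">H", family) + b"".join(
        struct.pack(">H", len(f)) + f for f in fields)

# Constructed sample: one well-formed local record, one wildcard record with a short cookie.
SAMPLE = (_rec(256, b"workstation", b"0", b"MIT-MAGIC-COOKIE-1", bytes(16))
          + _rec(65535, b"", b"1", b"MIT-MAGIC-COOKIE-1", bytes(8)))
```
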


          • #35
            Originally posted by rrveex View Post
            Yeah. Kind of. A rogue application has access to *all your files* (and the internet), capturing the screen seems of little consequence compared to that. So you have to run untrusted stuff in some kind of restricted sandbox/container anyway. Why not let the container take care of screen access too? Forcing an over-complicated (and therefore still full of bugs) access management for interaction between trusted applications is "users are stupid, we shall protect them from themselves" attitude, which isn't ok for linux. That's windows/apple attitude. I don't want linux to be "safe for all the idiots to use" (which isn't possible anyway, except you lock everything down). I want it to be pleasant to use for computer-literate people.
            Javascript-based keylogger. Contribute to JohnHoder/Javascript-Keylogger development by creating an account on GitHub.

            Like it or not, threat models evolve over time, rrveex. The problem is that the major item users use, web browsers, is progressively getting more and more powerful. You are on this website, rrveex, and you use web browsers. Like it or not, you can be running possibly untrusted stuff all the time. Let's not forget remote desktop implemented inside browsers and other things.

            Yes we do need a functional container solution for applications. Everyone on the Internet really does need it.

            In a lot of ways, rrveex, you are being the idiot. The reality is security models always need to evolve. Modern web browsers have made it way more simple to get untrusted programs onto your computer that can do many horrible things. People lose their bank accounts/google/youtube/... online accounts all the time due to attacks against browsers.

            Yes, every time a good new OS security thing is needed, someone complains against it until either they or their friends are getting burnt by not having it. I will not say there are not bad security things that put control in hands of third party instead of end user that we should accept.

            rrveex the issue with screen capture and keylogging is the possibility of getting access to like to business applications and so on. Yes local file system access is kind of bad but these other issues of key logging and screen access also have to be handled. Remember if the door to the file system in the web browser is correctly secure but the door to the screen capture and keylogging is not don't be surprised if attackers use that.

            Yes, it's like the German fighter aircraft doing a complex move to attack bombers from under because the top and the back had too many protection guns. The huge feature set of web browsers these days makes securing them insanely hard. Yes you cannot mess screen capture and keylogging but you still need to deal with file access controls as well.


            It's like back in the day, my most common tool to break out of a business so-called locked down computer was Visual Basic in MS Word; with that thing you could even edit partition tables if you knew what you were doing. It was part of demos to show management that they could not take hands off with computer security and expect everything to end well.
            Last edited by oiaohm; 04 April 2024, 04:47 AM.

            Comment


            • #36
              Originally posted by niner View Post
              Except of course that Wayland is being developed by exactly those "good developers" that have previously worked on X and that left X precisely for working on Wayland instead. So what is it? Are they good or are they lazy?
              X11 protocol core design had the horrible idea that you would be inside single trusted business LAN. Yes core design predates WAN being used in a big way.

              X11 protocol is a house built on highly unstable foundations.

              Wayland they have tried to build on solid foundations. Yes, this has created "making a house at the beach with solid foundations, then a person cannot get into the house because the sand moves and now the house does not move with the sand" kind of problems.

              Yes you will hear the works for me argument with X11 all the time. Then consider that the Wayland developers are paid by companies and will have to explain when some security issue happens with X11 that they cannot fix because fixing it will break the X11 protocol why they are not working on a secure solution to replace X11 if they were not working on Wayland.

              niner the question most people don't ask. Is X11 protocol fixable without breaking application support? The answer is XACE that SUN did in the past is that if you attempt to fix the X11 protocol security 90+ of applications will have to be rewritten because otherwise they will not work with the added security framework to X11. At this level of disaster you might as well split the tree. Wayland being the rewritten applications and X11 being left for the broken legacy.

              Comment


              • #37
                I can only imagine how many security holes the n-thousand Wayland composers have that nobody knows because nobody investigates them. In a few years we will be laughing out loud.

                Comment


                • #38
                  Originally posted by niner View Post

                  Except of course that Wayland is being developed by exactly those "good developers" that have previously worked on X and that left X precisely for working on Wayland instead. So what is it? Are they good or are they lazy?
                  Yeah they're good. Good at dragging crap out for over 11 years. They could have easily fixed X11.

                  It's THIS exact bullshit that is delaying the "Year of the Linux Desktop". HDR and VRR are common arguments but they're fucking eye candy! Then security? Fix what is there! If Sun can do it, then update the entire stack of libraries as X11R7 and implement the new fixes while allowing a smooth transition. Nothing new has to be done, just patch for the security protocols.

                  XFree86 4.x had a few years before it stabilized, but it didn't scrap the 3.x trunk of the tree, just fixed the tree. It rebuilt the trunk and regrew the branches as everything migrated in seamlessly while allowing some backwards compatibility. It took 5 years but everything worked. We went from static built x-servers to dynamic driver loaded x-servers.

                  And if anyone says "but X11 is a mess of legacy code... Blah blah blah"

                  WHAT ISN'T? WHAT PRAY TELL ISN'T?
                  Last edited by ReaperX7; 04 April 2024, 04:59 AM.

                  Comment


                  • #39
                    Originally posted by niner View Post

                    Except of course that Wayland is being developed by exactly those "good developers" that have previously worked on X and that left X precisely for working on Wayland instead. So what is it? Are they good or are they lazy?
                    Wayland is developed (in a manner of speaking since they do not write code) by a new breed of developers who never understood how Xorg worked. Historical Xorg developers like Keith Packard have nothing to do with Wayland.

                    Comment


                    • #40
                      This is going beyond explanation and reasoning now that I will not even try to argue anything. But I really enjoy a bunch of idiots raving and whining about how good is X11. Let me pop a couple more windows on Wayland while reading about their suffering. Burn baby burn

                      Comment
