Actually, 2019 - your reference is about 7.7-RC1, but granted it s still a long time.
Why do people hype up Wayland?
- Thread starter fruqal22
- Start date
Actually, 2019 - your reference is about 7.7-RC1, but granted it s still a long time.
kibasnowpaw
Well-Known Member
i wouldn't mind use Wayland if it don't make life harder for me as it is now as a gamer it do that's why i use x11 and you right a lot can happen in 6 years.
Kinda amuses me, TBH. All this talk about "security" (yet again)..... Seems to me that some people - if they look hard enough, and convince themselves of its 'truth' - can find "security" holes absolutely everywhere.
I've said it before, and I'll say it yet again. If you're that worried about security.....stay off-line. Chuck the damn 'puter in the trash. And so as to resist "temptation", get rid of every aspect of your modern existence, and go live in a cave in the middle of nowhere.
Seems simple enough to me. It's not rocket-science. If something is 'bad' for you, then get rid of that thing; don't use it again.
(shrug..)
Mike.
I've said it before, and I'll say it yet again. If you're that worried about security.....stay off-line. Chuck the damn 'puter in the trash. And so as to resist "temptation", get rid of every aspect of your modern existence, and go live in a cave in the middle of nowhere.
Seems simple enough to me. It's not rocket-science. If something is 'bad' for you, then get rid of that thing; don't use it again.
(shrug..)
Mike.
Last edited:
kibasnowpaw
Well-Known Member
I get where you’re coming from, and I agree that “security panic” can easily spiral into paranoia if people go looking for ghosts everywhere. But I think a lot of these discussions miss a much more practical middle ground.Kinda amuses me, TBH. All this talk about "security" (yet again)..... Seems to me that some people - if they look hard enough, and convince themselves of its 'truth' - can find "security" holes absolutely everywhere.
I've said it before, and I'll say it yet again. If you're that worried about security.....stay off-line. Chuck the damn 'puter in the trash. And so as to resist "temptation", get rid of every aspect of your modern existence, and go live in a cave in the middle of nowhere.
Seems simple enough to me. It's not rocket-science. If something is 'bad' for you, then get rid of that thing; don't use it again.
(shrug..)
Mike.
If someone genuinely cares about security and privacy, the biggest wins usually don’t come from the browser UI or swapping one desktop stack for another. They come from the network layer. That’s where you reduce the attack surface in a way that applies to everything, regardless of whether you’re on Wayland, X11, Firefox, Chromium, or something custom.
For example, I run my own router/firewall with Pi-hole and DHCP. I control which ports are open, which aren’t, whether IPv6 is even exposed, and what traffic is allowed out of the network at all. With Pi-hole alone, a massive amount of tracking, telemetry, and junk traffic never reaches the system in the first place. At that point, the difference between “secure browsers” or display protocols becomes far less dramatic in real-world terms.
What stood out to me in the XDA Wayland discussion I read the other day is that security is often presented as a primary justification for the hype, even though many of the real-world problems people mention there screen capture workflows, OBS, remote desktop, CAD tools, Vms are usability and workflow issues, not security failures. Wayland does improve client isolation at the compositor level, but that doesn’t automatically translate into meaningful protection if the network itself is wide open.
And yes the only perfectly secure system is an offline one: air-gapped, powered down, living far away from civilization. But it’s not a useful baseline for people who actually want to use computers to do real work.
Real security is about risk management, not absolutism. You reduce exposure where it has the most impact, accept that some risk always exists, and balance security against usability. In practice, network-level controls get you much closer to that balance than endlessly reinventing browsers or treating Wayland as a silver bullet.
So I don’t think people are wrong to care about security at all but if they’re serious about it, that’s where I’d tell them to start.
If you didn't know X was designed for being used over a network, but this was back in the day when computers were expensive and many people connected to a central computer system from a terminal (if I am not mistaken, those who have been longer around than me may correct me if I'm wrong).
Wayland was not.
The question is in today's dage an age do you really want that when it comes to security? There are both valid for reasons to have it and not have it.
kibasnowpaw
Well-Known Member
You’re absolutely right about the historical design of X, and that context matters. X was built in a time when computing was centralized, hardware was expensive, and network transparency was a feature, not a liability. Terminals connecting to a central system made sense in that model, and X was explicitly designed around that assumption. From a modern security standpoint, that architecture does carry baggage, especially if systems are unpatched or exposed in ways they shouldn’t be.
Where I think it’s important to be precise, though, is how that design translates into real-world risk today.
In practice, almost nobody is using X’s network transparency in the way it was originally intended anymore. On modern Linux desktops, X11 typically runs locally over Unix domain sockets, not exposed TCP connections. Remote access, when used, is usually tunneled through SSH or handled by separate remote desktop solutions. That doesn’t make X “secure by design” in a modern sense, but it does mean the original threat model is largely dormant unless someone explicitly enables or misconfigures it.
That’s why my stance is still network-first. If a system is unpatched, has open ports it shouldn’t, weak firewall rules, or poor DNS hygiene, then the display protocol isn’t the primary risk factor. Those fundamentals dominate the real attack surface. Conversely, a well-segmented, well-filtered network dramatically reduces exposure regardless of whether the desktop stack is X11 or Wayland.
I also think it’s important to separate architectural correctness from user decision-making. Wayland’s model is clearly cleaner for modern desktops: stricter client isolation, no implicit trust between applications, and no built-in network transparency. From a design and maintenance perspective, that’s a strong argument for it being the future default.
But in day-to-day reality, most users are not choosing Wayland because of security. They choose based on whether things work. On places like r/ubuntu and similar forums, the discussion is overwhelmingly about breakage, compatibility, gaming, screen sharing, Nvidia behavior, or workflows that worked under X11 but don’t yet behave the same under Wayland. Security is rarely the deciding factor for adoption or rejection.
So when you ask whether we really want X’s historical network model in today’s world: as a default going forward, probably not and I agree with that. But that doesn’t automatically make X11 an active security problem in properly configured modern systems, nor does it mean Wayland alone meaningfully “fixes” security if the rest of the stack is neglected.
Wayland is the better long-term architecture.
X11 carries legacy design choices that wouldn’t be made today.
But real-world security still lives first at the network and system level, and real-world adoption is still driven by whether things work, not by abstract threat models.
That’s why I think both positions can be valid at the same time, depending on context.
That's a bit of a false dichotomy. One can be both extremely worried and still use the 'net. They can just do so cautiously, limiting what they do and how they do it. Essentially, they're extremely worried but willing to accept some risks in order to use the 'net.
It's like someone who is deathly afraid of automobile accidents, so they wear their seatbelt and only ride in vehicles that have a full complement of airbags. In this case, they limit what they put on the computer and use security software that limits their exposure.
People with agorophobia can force themselves to go outside. They don't like it, and may be physically ill because of it. People regularly do things they're afraid of, largely out of necessity. In cases where they're extremely worried about security, they can use distros (like Tails and Qubes) that offer greater security out of the box. They can do all of their internet activity over Tor.
In other words, there are ways they can reduce their risks.
Let me help you.... for one. anydesk does not behave well under wayland. So now you can think of something. I have others too.
Bongripper666
New Member
I don't hype it. I use it, because it just works better for me.
Similar threads
Latest posts
-
-
-
-
Another one: CIFSwitch: a non-universal Linux local root vulnerability- Latest: beanburrito