For some people X is just better at the moment. I am one of these people and, honestly, Wayland has nothing to offer me but issues here and there.
So I decided to just stick with X and not bother with Wayland until at least 2023-2024, and of course I would like X to still work in the meantime and it probably will.
Are those people aware that using x11 effectively means they could just not bother with security and do everything as root, because x11 design makes it trivially easy to escalate?
You can only invoke the security argument if the software is easy to use and works flawlessly. That may not be true for everyone but I do expect the majority should switch.
I thought Xenocara was about running xserver without root, but otherwise a normal x11? Because I’m talking about something completely different: the fact that, due to x11 design, every app can do anything to any other app, which means it can just wait for you to run sudo(8) and then inject whatever keycodes into the terminal.
Ah, that. Wayland by itself doesn't prevent nothing from keylogging, you can only be sure that (in GNOME or KDE cinematic universe) keylogging by listening on X-things or the socket can be achieved only tampering with LD_PRELOAD or the kernel and not by design (unless one or some apps would redo that Xorg POF).
When Wayland was born you couldn't do anything to prevent that, now we have like 6 sandboxing/light-virtualization options for Linux, so I suspect that by containerizing applications in Xorg you could prevent them from keylogging easily. That too right now is mostly crappy and fragmented in Linux with the AppImage Snap and flatpak circus.
Of course Wayland can’t secure your kernel or rtld, but I’m pretty sure that one of its advantages is that it can at least not send a random app the password you’re typing in.
And no, I don’t think you can really do that with x11. There was Trusted X11 long time ago, but I don’t think it was practically useful - as in, maintainable and sustainable.
As far as I understand sandboxing in Linux is “70% there” - it will get there eventually, but for now the 30% hole makes it not practically useful. It’s not bad at pretending it’s doing something though, and for (many? most?) paying customers that’s enough.
X11 with a bare wm has had less jank for me than GNOME, Wayland, and all the fixings. Wayland is an effort pushed by those who want to make their desktop "more digital"[0]. Which is fine, but when what you have works and is rock solid, you tend to want to keep it around.
This is the third time I've read it, and I must be constipated because I still don't give a shit. X11 with Openbox works fine for me. Likewise for FVWM and Window Maker. Maybe you should learn to use a plain old window mangler; if you want Windows you know where to find it.
Nor will I give a shit about Wayland until OpenBSD forks it, audits it to within an inch of its miserable life, and incorporates it into its base distribution to replace Xenocara.
Why should we let GNOME keep us from moving on to newer tech?
Edit: In case you want to know why X11 is janky and bad, check out this architecture overview: https://wayland.freedesktop.org/architecture.html