While Wayland has kind of been a disaster I disagree with your premise.
> 1. Security
Linux (and Unix before it) has always had security mechanisms built in. File permissions, setuid bits, namespaces. Any old program shouldn't be able to access /etc/passwd, and likewise the `<input type="password">` in my browser should be protected. Wayland's problem isn't that it tried to add security, but that the design and development process went horrifically wrong so that 17 years after the first release, people still have trouble with screen sharing.
> 2. Performance
The client-server model is obsolete and unsupported by modern applications (and nowadays there are easier ways to do remote GUI access) and keeping it was just a big pile of tech debt.
The problem wasn't that Wayland tried to fix things, it's that the process took 17 years and still isn't finished or particularly successful. My uneducated guess at why Wayland failed to succeed is that it went for extreme modularity and refused to say (back in like 2009) "Here's the security mechanism everyone has to use to take screenshots, etc. If this breaks your spacebar heater, sucks to be you." Rather than just define a single API where 99% of graphical applications and desktop utilities can do the sorts of things they already do on Windows and MacOS, and call it 1.0, instead they built a sprawling monument to bikeshedding and over-engineering.
> My uneducated guess at why Wayland failed to succeed is that it went for extreme modularity and refused to say (back in like 2009) "Here's the security mechanism everyone has to use to take screenshots, etc. If this breaks your spacebar heater, sucks to be you."
I tend to agree. I have long attributed the mess that is wayland-protocols in large part to the fact that they didn’t define a security mechanism or permission model in place from the start.
They seemed to assume, at first, that it was reasonable to prevent all programs from doing what any program could abuse. Had they instead acknowledged that some programs need to be granted the ability to take actions that otherwise risk insecurity, they wouldn’t have needed to try to distort the protocols to fit the lacking security model of Wayland (or, in some cases, wouldn’t have needed to circumvent Wayland entirely to achieve their ends).
I generously assume they simply considered a mechanism to grant permissions to be out of scope of the original spec, a merely horrific error and disastrous design flaw. If they were instead completely ignorant to the existence of screen recording, password managers, screen readers, and so on... inconceivable idiocy. Either way, as long as something like Wayland can happen, Windows has nothing to fear from Linux.
> 1. Security
Linux (and Unix before it) has always had security mechanisms built in. File permissions, setuid bits, namespaces. Any old program shouldn't be able to access /etc/passwd, and likewise the `<input type="password">` in my browser should be protected. Wayland's problem isn't that it tried to add security, but that the design and development process went horrifically wrong so that 17 years after the first release, people still have trouble with screen sharing.
> 2. Performance
The client-server model is obsolete and unsupported by modern applications (and nowadays there are easier ways to do remote GUI access) and keeping it was just a big pile of tech debt.
The problem wasn't that Wayland tried to fix things, it's that the process took 17 years and still isn't finished or particularly successful. My uneducated guess at why Wayland failed to succeed is that it went for extreme modularity and refused to say (back in like 2009) "Here's the security mechanism everyone has to use to take screenshots, etc. If this breaks your spacebar heater, sucks to be you." Rather than just define a single API where 99% of graphical applications and desktop utilities can do the sorts of things they already do on Windows and MacOS, and call it 1.0, instead they built a sprawling monument to bikeshedding and over-engineering.