> As compared to Windows in which an app can't do that (read keystrokes of other apps)
Yes, Apps can't do that.
> As compared to Windows or Mac where apps are sandboxed by default?
Yes, apps from both the windows and mac App Stores are sandboxed.
I'm not sure what your point is. I'm not saying Windows is perfect at all, but the GUI security is better. If nothing else, consider the classic ctrl+alt+delete, which no app can catch. On Linux there is no way to be sure the 'login' you are seeing isn't a program someone has installed to capture logins. On Windows I know the login is genuine if I press ctrl+alt+delete.
The parent comment is (slightly obtusely) talking about "UWP Apps", which are installed from the store and have mobile-style "sandboxing". Normal Win32 applications can of course use SetWindowsHookEx() and the DirectDraw screen functions to take over your screen.
Yes, Apps can't do that.
> As compared to Windows or Mac where apps are sandboxed by default?
Yes, apps from both the windows and mac App Stores are sandboxed.
I'm not sure what your point is. I'm not saying Windows is perfect at all, but the GUI security is better. If nothing else, consider the classic ctrl+alt+delete, which no app can catch. On Linux there is no way to be sure the 'login' you are seeing isn't a program someone has installed to capture logins. On Windows I know the login is genuine if I press ctrl+alt+delete.