ALL major desktop windowing systems have no isolation between GUI windows. If any one of your applications is pwnt, EVERYTHING can be keylogged. There are defenses though, you can use virtual machines like Qubes does, or you can use things like SELinux sandboxes. There are other techniques as well. Desktop OS's with windowed applications have long been considered insecure, this is one of the main reasons why. On the other hand who wants to do everything from command line. Qubes is a good step in the right direction, I haven't been using it myself but I do use multiple virtual machines and keep what I run on the host to the bare minimum.