Oh absolutely, if following the trail of your beliefs leads you to a conclusion like this it should be a reason to interrogate those core beliefs and/or recognize where other core beliefs take priority, and not doing this is a major failure on his part that I’m sure is largely motivated by ultimately not really caring that much about sexual violence. It’s just that the pattern of reasoning here is so consistent with his approach to every other issue that he writes about that I think it’s reasonably likely that he just defends possession of CSAM on principle (as twisted as that is) rather than as as a defense of actions he’s made. This is not a defense of the man, to be clear, just a guess as someone familiar with his idiosyncrasies. What we know for sure from his own mouth should be more than enough to condemn him and get him the hell out of the FSF. Having a man who actively defends pedophilia in a leadership role in any capacity is an embarrassment and a failure of the organization as a whole, even if he also laid the intellectual foundation for its mission.
Wayland has security benefits over X11 so choosing one with a Wayland session is a good idea but other than that I’m not really aware of any breakdowns of security between DEs. My gut says the major options are pretty similar on that front, most hardening guides only mention DEs to tell you which ones support Wayland. The choices you can make to harden your system are changing things at a lower level that is entirely unrelated to your DE. That said I’m just a privacy/security interested layperson and security is a topic where you can always split more hairs if you want (or need) to.