A security-conscious OS
Desktop Security

© Photo by Sid Balachandran on Unsplash
Parrot OS offers a more secure desktop with practical tools for both newbies and veteran users that encourage better security habits.
The Parrot OS home page [1] lists four major concerns: security, software freedom, a lightweight system, and cross-platform portability. To these concerns, it also adds a thorough development stack and the goal "to push newbies into good habits." Of all these concerns, Parrot is best known for being security conscious. However, it succeeds in all of these concerns to a degree. In particular, by making privacy and security tools part of the standard install, Parrot is probably most successful in pushing all users – not just newbies – into better security habits.
Based on Debian Testing, Parrot OS is a rolling release, with packages updated as soon as they have been tested, although official releases are periodically released as well. It also offers a choice of MATE or KDE Plasma as a desktop environment. Parrot requires 256MB of RAM, making it lightweight by modern standards and suitable for older systems as well as new ones. Its goal of cross-platform portability is seen in the number of downloads available. The Home Edition is for general users (Figure 1), and the Security Edition is for penetration testing and other security work and programming (Figure 2). Both the Home and Security Editions run virtually in Boxes and include images for VMware and VirtualBox. The Security Edition includes variants for IoT and cloud appliances. Parrot OS also offers a Pwnbox version that runs in a web browser and an ARMv7 architecture version. In addition, the installation images for the Home and Security Editions include a Live version. Installation is via the Calamares installer (Figure 3), one of the simplest installation methods available for distributions.

Available Applications
Parrot OS's most notable feature is its software selection. Only a handful of productivity applications are available, such as LibreOffice and Gimp, in keeping with the basic security principle of installing the minimum software required in order to reduce the opportunities for possible attacks. Beyond these basics, users should install only the software they require. Even the game menu is limited to a 2D chess game – a hint, perhaps, at the intellectual users that Parrot expects to attract.
Both editions have the usual MATE system tools, such as BleachBit for cleaning up installed software and GParted for disk partitioning, but only the Security Edition includes a menu for starting and stopping services. Similarly, both editions include Vim and Neovim. However, the Home Edition includes only three dedicated programming tools: Geany, the programming text editor; links to VSCodium, a collection of open source binaries for Microsoft's Visual Studio Code; and Zeal, a help site for developers. By contrast, the Security Edition includes an additional five applications and links, among them Git Cola, a GUI for Git; Meld, a diff and merge tool; and git-dag
, a graphical depiction of Git history. From the selection of tools available in the two editions, the assumption seems to be that hobbyist programmers will use the Home Edition, and administrators and more advanced programmers working on large projects, often with remote versioning repositories, will install the Security Edition.
However, it is in privacy and security tools that Parrot OS really stands out. Some of these tools, such as the Electrum Bitcoin Wallet, the Ricochet chat app, or the GNU Privacy Assistant, are developed by other projects; others, such as OnionShare or AnonSurf, are developed by the Parrot Project itself. Occasionally, the available tools overlap. For example, Parrot OS offers both Tor and I2P for anonymous web browsing, leaving users to decide which one to use.
The Home Edition focuses on privacy. AnonSurf takes Tor one step further by anonymizing all system communication, beginning by shutting down potentially vulnerable apps and changing a user's IP address with a single click of a button (Figure 4). Also included are five different encryption tools as well as a metadata cleaner and a secure file deleter. Unlike many privacy tools, most of the tools in the Home Edition have easy-to-use graphic interfaces and embedded help that assume minimal prior knowledge. When a tool lacks a GUI, Parrot OS's menu opens a terminal at the appropriate man page. As a result, more users should be encouraged to use these tools, and, perhaps, feel confident enough to learn more about the principles behind them.

The Security Edition's menu is dominated by the Pentesting (penetration testing) top-level menu for forensic investigations. The menu is so crammed with scripts and apps that the second-level menu contains 14 items, including Most Used Items, Information Gathering, Vulnerability Analysis, Exploitation Tools, Password Attacks, Sniffing & Spoofing, and Reverse Engineering, to say nothing of third- and fourth-level menus, some of which are even longer. The entries alone are the start of an education – who knew, for example, that Linux was important enough in the car industry that there would be an Automotive option?
All this is just an overview. Just listing the scripts and apps included in Parrot OS would take at least 5,000 words and fully documenting everything would take a book. Parrot OS essentially provides a curated range of Linux privacy and security tools. Just having all these resources on one menu makes learning about security easier.
Security Accessibility
Security often means a trade-off with convenience, and Parrot OS is no exception. To start with, KDE's Plasma is hardly in keeping with the goal of being lightweight. For that matter, any desktop environment is just one more place where things can go wrong. For that reason, many security experts prefer to work exclusively from the command line. In addition, while Debian Testing is often said to be more reliable than most distributions' general releases, Debian Stable would be a more secure choice for building a distribution. These choices seem to be made for the simple reason that many users prefer a desktop environment and to offer users apps closer to the latest releases (Debian Stable is sometimes several releases behind).
If Parrot OS does not offer the most secure distribution possible, it does offer more security than most distributions. Parrot OS installs with a wide range of privacy and security tools, many of which are easily configured or installed ready for use. More than anything, Parrot OS offers easy access to privacy and security. Although Parrot is potentially more secure than most distributions, its greatest accomplishment is security education, something that is sadly lacking elsewhere despite years of concern and growing necessity. Parrot OS provides both a basic curriculum and a practical set of tools.
Infos
- Parrot OS: https://parrotsec.org/
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
News
-
Fedora 39 Beta is Now Available for Testing
For fans and users of Fedora Linux, the first beta of release 39 is now available, which is a minor upgrade but does include GNOME 45.
-
Fedora Linux 40 to Drop X11 for KDE Plasma
When Fedora 40 arrives in 2024, there will be a few big changes coming, especially for the KDE Plasma option.
-
Real-Time Ubuntu Available in AWS Marketplace
Anyone looking for a Linux distribution for real-time processing could do a whole lot worse than Real-Time Ubuntu.
-
KSMBD Finally Reaches a Stable State
For those who've been looking forward to the first release of KSMBD, after two years it's no longer considered experimental.
-
Nitrux 3.0.0 Has Been Released
The latest version of Nitrux brings plenty of innovation and fresh apps to the table.
-
Linux From Scratch 12.0 Now Available
If you're looking to roll your own Linux distribution, the latest version of Linux From Scratch is now available with plenty of updates.
-
Linux Kernel 6.5 Has Been Released
The newest Linux kernel, version 6.5, now includes initial support for two very exciting features.
-
UbuntuDDE 23.04 Now Available
A new version of the UbuntuDDE remix has finally arrived with all the updates from the Deepin desktop and everything that comes with the Ubuntu 23.04 base.
-
Star Labs Reveals a New Surface-Like Linux Tablet
If you've ever wanted a tablet that rivals the MS Surface, you're in luck as Star Labs has created such a device.
-
SUSE Going Private (Again)
The company behind SUSE Linux Enterprise, Rancher, and NeuVector recently announced that Marcel LUX III SARL (Marcel), its majority shareholder, intends to delist it from the Frankfurt Stock Exchange by way of a merger.