Future Tools: Parrot OS

easyDNS is pleased to sponsor Jesse Hirsh‘s “Future Fibre / Future Tools” segments of his new email list, Metaviews

An operating system that focuses on privacy and security

 

The Parrot Project is a great example of the versatility and security possible when using free and open source software. Today’s issue of Future Tools looks at Parrot OS, a secure operating system with a strong focus on privacy and cybersecurity. Here’s the description from their project website:

Parrot is a worldwide community of developers and security specialists that work together to build a shared framework of tools to make their job easier, standardized and more reliable and secure.

Parrot OS, the flagship product of Parrot Security is a GNU/Linux distribution based on Debian and designed with Security and Privacy in mind. It includes a full portable laboratory for all kinds of cyber security operations, from pentesting to digital forensics and reverse engineering, but it also includes everything needed to develop your own software or keep your data secure.

One of the more interesting aspects of a GNU/Linux operating system is that it can come in a wide range of forms. This is the concept of a distribution. Where an operating system is the software that runs or operates your computer, a distribution is a style or flavour of an operating system, that features specific software and configuration. Hence there are a lot of distributions of Linux, that specialize in particular priorities or users.

One way to think of distributions is along the lines of curation, selection, and configuration. Given all the possible applications, and all the ways those applications can be setup, distributions are a way of selecting and preparing software so that it can be used as desired right away.

For example one of the most popular and easier to use “distros” is Ubuntu. We’ve mentioned it in a few previous Future Tools issues. Ubuntu is based on Debian, which is one of the foundational GNU/Linux distributions, upon which many others are based on. Parrot OS is another distro based on Debian. However where Ubuntu focuses on ease of use, Parrot is focused on privacy and security.

On the surface, Parrot is a tool for hacking. However that’s not the main reason why we’re featuring it in this issue, although it is relevant.

Rather Parrot offers a great example of why cybersecurity tools designed for experts are often relevant and useful to novices and people who have no interest in hacking, but do want to remain secure and private.

Parrot is an operating system that is:

– Modern and user-friendly

– More reliable and secure

– Faster, better performing, more lightweight

– Portable and universal

– Free and community-driven

In this context, Parrot OS is not a solitary operating system, but rather a collection of operating systems for different purposes.

Parrot Security is for hacking and penetration testing, whereas Parrot Home does not come with security tools but is designed for users who want to protect themselves. There are different versions of each of these two, depending upon the user interface (different window managers) and how you want to run the operating system.

What they have in common is that the software has been selected and configured to maximize the user’s privacy and security. Quoting from their website once more:

A complete arsenal of security tools that can be deployed on all your devices and in the cloud. A secure and hardened system ready to securely surf the web and privately communicate with, plus many useful zero-knowledge services where encryption is done right. Many resources to learn from, in order to make your skillset stronger. The system is designed to push newbies into good habits.

That last point is crucial, and the reason why we’re profiling Parrot as part of our Future Tools series.

For instance, we previously did a Future Tools issue on Tor and the Dark Web, which when used properly enables protects your Internet activity and potentially enables anonymity.

Parrot makes using Tor relatively easily thanks to their software Anonsurf:

Parrot OS, like a number of different Linux distributions, can be used without committing to installing it on your computer. If you download Parrot to a USB stick you can do what is called a live boot, where you boot your computer off the USB stick, and run Parrot OS without deleting or impacting your existing operating system.

While this operating system is a radical improvement when it comes to protecting your privacy and security, it also fosters an environment in which learning and curiosity can flourish.

On a basic level this can just be exploring the software that comes in the Home edition, which is the usual apps like web browsing (albeit securely), office suite, and similar typical tools. Most of these will be new to you if you’re not an active Linux user.

However on a more advanced level, the security tools that come with Parrot Security are also worth exploring. Here’s a video that illustrates some of what’s possible:

If you are interested in getting into (ethical) hacking and penetration testing, it is valuable knowledge to explore and acquire. Parrot is not the only operating system designed for these purposes. Kali Linux is perhaps more prominent and is often compared to Parrot.

Although Parrot has benefited from some recent announcements and attention:

By providing resources and support, the Hack The Box team will enable the Parrot team to focus on what they do best, further developing and adding more functionality and features to the Parrot Security OS. Furthermore, we will start incorporating the OS to the HTB platform so our users can experience it and provide more feedback towards the success of the project.

Hack The Box and Parrot partner to bring together their thriving communities and empower Parrot OS to become the hacking distro that will steal the hearts of the global CyberSec industry.

Hack The Box is an online cyber security training platform enabling individuals and companies to level up their pen-testing skills through the most captivating, self-paced, fully gamified learning environment. 280+ constantly updated virtual hacking labs, real-world corporate scenarios, and CTF challenges, all part of a massively growing cyber security community of 300k+ members where professionals exchange ideas and companies find top talent.

With the support of HTB, the Parrot Project is poised for further growth. Our hope in profiling it is to push awareness of Parrot beyond the cybersecurity industry towards regular users who might see the operating system as welcome relief from an otherwise hostile Internet.

The brilliance of Parrot is how they are “making good habits and best practices easy to follow and eventually hard to break.” That is the point of good cybersecurity. To create a culture of smart and secure technology that people find easy and rewarding to use.

This is our sixteenth issue in the Future Tools series.

The first was on Keybase, a service designed to make encryption easy to use. The second was on Pi-Hole, free and open source software designed to make it easy for you to block the digital advertisements on your network(s). The third was on Tor and the so called dark web, enabling secure surfing for all. The fourth was on Matrix and Riot as an alternative to Slack. The fifth was on democracy.earth and quadratic voting. The sixth was on the Brave browser. The seventh was on Rocket Chat. The eight was on pol.is. The ninth was on Decidim. The tenth was on Mastodon. The eleventh was on BigBlueButton. The twelfth was on the video conferencing tool Jitsi. The thirteenth was on ProtonMail. The fourteenth was on Ghost, the headless content management system. The fifteenth issue was on DECODE.

If you have any questions about these tools we’ve profiled, or suggestions/requests for tools that we should profile in the future. As always let us know. #metaviews

“Future Tools” is a recurring series in the Metaviews newsletter where we share some of the tools and concepts that you’ll need to protect yourself in the now and near future.

Leave a Reply

Your email address will not be published. Required fields are marked *