Should Parrot OS Home be listed?

Hey everyone!
So I was looking for an out-of-the-box safe OS. Fedora and Ubuntu are good, but I was looking for something really better.
I found Parrot OS Home!
It’s based on Debian and maintained by the Parrot Project (which are known for Parrot OS Security, the Pentesting Distro).
I’m still a noob but I would list some features from their website:

1- Secure: Always updated, frequently released with many hardening and sandboxing options available. Everything is under your complete control.
P.s: there is a default profile using both Fire Jail and AppArmor (in Ubuntu only App Armor and Fedora SE-Linux will be used)

2- Privacy: A secure and hardened system ready to securely surf the web and privately communicate with, plus many useful zero-knowledge services where encryption is done right.
P.s: They have Anonsurf, which is developed from the Parrot Project which can torrify your whole system with one click, it even has a nice Gui. They don’t call home (oh yeah Ubuntu, I mean you here).
All Network services are disabled by default

3- Lightweight: We care about resources consumption, and the system has proven to be extremely lightweight and run surprisingly fast even on very old hardware or with very limited resources.

Some preinstalled Software on it:
Tor
Onion Share
Anonsurf
Firejail & App Armor support
Hexchat

What do you think about this distro, is it worth it, or we should just use Fedora? :slight_smile: (Cuz Ubuntu is a no go)

Here’s the link for their website:
https://parrotlinux.org/

Hi, some boring remarks:

This isn’t technically the case since you still rely on other parties and don’t have full transparency in everything that happens on your system.

Besides, most of these sentences are clearly marketing lingo that sound like “We offer the most secure and most private operating system.” More and more people and companies try this way by adding “security and privacy” to their product or service descriptions. However, there is no “secure” system without a threat model, “hardening” must be customized, and adding some software doesn’t make your communication “private” as long as this term remains undefined.

I find it really interesting why is Ubuntu getting so much hate. I don’t use it personally (although I mostly use Ubuntu-based) but it may just be the distribution better suited for your needs and many others, including more experienced people. Privacy and security often is more about how you use the technology rather than the technology itself (that, and about how far are you willing to go down the rabbit hole…). I don’t think is quite the right fit for Privacy Tools however, as it contains a lot of packages that are probably unnecessary and can be confusing for most people, especially as a daily driver.

That said, I like how ParrotOS has improved lately and that is supports xfce, and I’m curious to see what customization they’ve made to Geany, so I’m ready to give it a try soon.

1 Like

I have an irrelevant question. I just saw on your Blog that you guys recommend Arch over other Linux distros.
While checking your tutorial for Keepass XC I found out the the guy doing it using Ubuntu 20. Any explanation? lol
(I really don’t mean to be rude, I was just wondering cuz I wasn’t considering Ubuntu as an option, but if you guys are using it that I could probably consider it as one)

It’s just about trust. I wouldn’t trust Cannoical anymore after the thing with the amazon Ads. Besides, their privacy policy is just scary when comparing to other websites/distros

Thanks for your question. :slight_smile:

Short answer:
We prefer and recommend Arch Linux as an operating system as it is highly modular, always up-to-date, and very reliable. However, we are well aware that many of our readers are using Windows 10, Ubuntu, Debian, etc. Due to this, we try to include alternatives in our examples.

Long answer:
In general, we only recommend products and services that we use regularly. Our recommendations shouldn’t be seen as a “list of products and services that you are allowed to use,” but as a list of things that we use and like. As mentioned here, it is crucial to be open-minded when discussing with other people (regardless of the topic). Some parties try to present their opinion as the only truth, but this isn’t our goal.

Many people ask for the “best,” “most secure,” or “most private” products and service while forgetting that they need to define their own use cases and threat models before asking these questions. Imagine that you go to a car dealer to buy a new car. You ask her for the best car she offers. Ultimately, she sells a sports car to you, while you needed a van (you didn’t define your use case).
Or you (classic example) want to build the most secure castle: You complete your work, the enemy attacks. You lose after 10 minutes since you never considered that your enemy has 21st century battle tanks and soldiers (you didn’t define your threat model).

3 Likes

https://www.quora.com/What-is-meant-by-btw-I-use-arch

Obligatory! :sunglasses:

Though not stated, I suppose you talk about desktop Linux in this topic. My approach is like this: which distros are used extensively as server server operating systems, by the enterprise sector, or state agencies? These tend to be your most popular, mainstream distros. They certainly make for good desktop operating systems too. You may have other personal preferences but these are definitely safe choices. I certainly don’t want to start a “which distro is better” war.

A question relevant to the OP though. Parrot OS is based on Debian. Is it as safe as Debian too? It’s supposed to be.

1 Like

and thank you for your answer!
If I am allowed to ask one more question, what do you think about Linux mint? I read somewhere that PTIO doesn’t recommend it cuz they use google adsense on their website, which is for me a kinda silly thing. I only care about their distro, not their website.
I’m just looking for an alternative for Windows 10, which is secure (out of the box or at least with a tutorial how to harden it a little bit with App armor and stuff like that), privacy-oriented (again, I have a bad feeling about Ubuntu) and easy to use (so no Arch, Debian).
Ubuntu: I just don’t like GNOME that much (isn’t the biggest problem) and cuz of all this hate on them I kinda don’t trust them.
Linux mint: It’s perfect. I’m just not sure if they get security updates just as fast as Ubuntu, it’s a derivate so they have to wait for Ubuntu to get updated and then work on their update. (tho I’m not sure about that one)
Fedora: I thought that the desktop wasn’t working till I found it that their GNOME just looks that way (and I really didn’t find any tutorials on fedora, so I’m not even sure how I will learn to work with this OS)

@N00B, you can separate the underlying architecture of a Linux distribution from its desktop environment, both mentally and practically. In the case of Ubuntu, check this out!

You can similarly have your favorite desktop environment for every underlying architecture similarly and more likely out of the box including Fedora, Debian, Linux Mint, even Arch. :sunglasses:

1 Like

The thing is, Debian “wasn’t” secure out of the box for a long time. Like yeah I know it was kinda secure, but for a normal user like me it’s a good choice to have App armor installed by default (the thing which Ubuntu does for example, or fedora using SE-Linux). Yeah with Debian 10 it’s a default, but it’s those minor things that make a desktop more secure.
That’s why I don’t like distros like Debian or Arch which need a professional user to make them “safer” and just make them work (by manually installing proprietary software for example)

Thanks for your comment!
I would ask the same question as Linux mint lol, these spins are maintained by the community. So will they get the security updates as soon as they are there for ubuntu, or should I wait for a couple of days till they get tested and modified by the community?

We don’t use it, so we can’t list any pros or cons.

1 Like

Linux Mint is essentially Ubuntu with the Cinnamon desktop. We didn’t mention every single individual spin of Ubuntu either.

The main reason Ubuntu was listed was because it is a good all-round distribution, that has a well polished desktop with good quality assurance on each release.

As @infosechandbook said, there’s no such thing as a “private distribution”, and it entirely depends on how you use it. (Not including edge cases where some distribution intentionally includes a lot of analytics). I’m surprised someone hasn’t done that yet.

2 Likes

Thanks for your comment.
I would really like to see kinda of a list from PTIO for popular services/softwares they won’t list (just like the one for Win10)

It could really be short with the most important reasons and it wouldn’t take a lot of your time, just like the one in here for different operating systems


(just as an example, you could list there that most Linux Distros or ok besides Linux deepin or something like that)

Your suggestion is likely similar to Anti-recommendations section, what do you think?

I think the main reason we decided against that is because we really aren’t interested in the 99999 products which are bad, or knowing about them intimately.

We generally look for the best ones, and develop a criteria which we like to gradually tighten over time, encouraging those who care about making privacy products to push things along.

If we did have a list of anti recommendations we’d have to maintain the list of why XYZ is a bad choice, and then when something slightly changes people will be like “reee PrivacyTools is wrong!”

1 Like