Is Parrot OS (Home and Security) 100% open source?

Parrot says that it cares about privacy and security, so does that mean it’s 100% open source? Is there any apps that are not open source? Because I’m kind of obsessed with privacy, I (everyone actually that uses Linux distros) won’t like it if someone is watching what I do (after midnight activities :wink: ) and I’m not ok with some company taking my data to sell it or whatever.
At least Parrot Security OS should not modify/collect anything, you know what I mean?

The sources are here. Parrot Security (mirror of https://nest.parrotsec.org) · GitHub
I’m not sure if it’s all open-sourced, but the core installation is open-sourced. As long as you don’t download a shady program, you’re fine.

that’s it buddy, I know the core is open source, the question is wether the apps and everything that is pre-installed is open source.

Of course! No need to worry. Pre-installed apps are all open sourced and is all safe (if your ISO hash is valid). If you’re still not convinced, you could use CubesOS which is overkill. :smile:

what do you mean by “iso hash is valid”, I downloaded the file from parrot official website and used Etcher just like the site says

there’re some non free components in Parrot OS.
If you want a entirely FOSS distro, check out List of Free GNU/Linux Distributions - GNU Project - Free Software Foundation

1 Like

If you really want all the free components in parrot, you could go to /etc/apt/sources.list.d/parrot.list to remove the non free components. To his use, this is overkill. He wanted privacy, not total anonymity (if such thing ever exists).

Ah, I see. You’re moving from Windows or mac (I was a Windows user, and moved to Linux for around 2 months). In the past, there was a hackers who hacked (or poisoned the DNS I can’t remember lol) the website to re-direct the download page to a malicious ISO download. You could check if your installation is a legit one or not, by checking the hash using sha256sum <ISO file path> | grep <hash in the download page>. If the colored hash is not present, then you should re-install parrot by torrent.
Here’s an example:

Ooh the same way I did with Mint

1 Like

There are some close source apps but only pentest tools :slight_smile:

Close source doesn’t mean it violates privacy. It is like saying water is bad for your health because wine is liquor and so does water.

You can always check your system and check any suspicious thing. And in this case, there are some open source malwares.

You can protect your data with many tools and methods

We are not interested in your data :slight_smile:

The nasty apps…of course.

Not you, it’s the company (like Amazon) who would pay for it…just saying :slight_smile:

I know but…who knows

By the way, just wanted to say…the distro is awsome, I really like it, thanks guys.

Hi Dmkknght and the dev team,

Back to the question of privacy within the parrot operating system, I understand the team is not as large but I’d like to clarify on a few things.

Question 1:

1: you said you (parrot os) is not interested in our data, does this mean that:

• you (parrot os) or the dev team “can” choose to access or see our data or activity “but” choose not to see, log or access it even though it is possible?

• you (parrot os) or the dev team is “unable to and cannot” see, log, monitor or access or data or activity within the parrot os.

For example if we use any application within the parrot os. Can (parrot os) or the dev team track, access, trace or see or activity, key log, or anything on the scope of that?

Also If we install a third party program, is (parrot os) or the dev team able to track or monitor that?

Question 2:

If we download a malicious program (third party), does parrot os isolate that program so it cannot affect or infect the other aspects of the parrot os?

Thanks in advance and I look forward to your reply.

Q1) No, the Parrot team is not collecting your data in the first place. As they say “No telemetry, no BS”. ZERO byte of data is collected out of the box. Third party apps may collect your data (Chrome, Steam, etc.), but the pre-installed apps are not going to.

Q2) No, if you’ve downloaded it and then you give it permission to run it, it will not create a sand box to isolate it. This is not possible on any OS. If it ran on bare metal, you’re screwed. Use VMs or Docker (if possible), if you’re not sure about it being malicious or not. Most anti-virus will not save you. Every OS is as secure as the user, but it’s better to have a more secure OS out of the box like Parrot. Don’t install from untrusted source, unless you know what you’re doing.

I’m not a dev or the Parrot team, but I can assure you that. If you’re skeptical, then use other distro like Fedora, Debian, Gentoo or Arch to be super sure, since they are the main distros that are being rigorously tested, and QCed.

Q1) No, the Parrot team is not collecting your data in the first place. As they say “No telemetry, no BS”. ZERO byte of data is collected out of the box. Third party apps may collect your data (Chrome, Steam, etc.), but the pre-installed apps are not going to.

If you don’t believe me, open up wire shark, and find any suspicious requests, and write scripts to intercept packets on startup, and connections, or whatever. Also, please turn on firewall. IDK why firewall is disabled by default, but ok.

Latest version is having OpenSnitch which controls internet access of applications. Cheers!

1 Like

A: - I don’t want to have a GF right now. I’m to busy and i want to focus on my work
B: - You are gay

Dont you see you are changing the context?

  1. When does the 3rd party program is malicious?
  2. does parrot os isolate that program no there is no such magical technology like that. If you read more about sanboxing and more you’ll have the answer and why i said that (yeah i expected some argues about docker, vmware; questions about firejail … but what i’m talking about is this just about what you asked).

Guess what? I’m researching on that and i know how to block some activities but i can’t implement it for now. I’m sure with you Parrot will have something like that in future :slight_smile:

1 Like

Guess what? I’m researching on that and i know how to block some activities but i can’t implement it for now. I’m sure with you Parrot will have something like that in future :slight_smile:

One word.

NOICE!

It is not that nice. For now it is having too many problems. My scope is research on Mitre attack, all modules talk about Linux and try to write SELinux profiles to prevent activities.

1 Like