Parrot 4.0 development discussions


(Lorenzo "Palinuro" Faletra) #1

I’M FUCKIN PROUD TO START THIS THREAD!

yes, i’m working on it, and i want it to rock hard!


(517hum 54nd33p4) #2

I want to add delow packages -
#>TheFatRat
#>uGET
#>Clementine
#>ktorrent

I what desktop like this -



Sorry for my ugly gfx design .
#> Application menu
Login screen -

#>Greeter

Finally OpenRC too…


(Lorenzo "Palinuro" Faletra) #3

come on, we’re not going to replace mate with the elementaryos pantheon interface, we are a pentest distro and both resources consumption and hierarchic menu tools are too important for us

and i don’t understand why we should replace qbittorrent with ktorrent, because they look almost the same and integrate the same features, but qbittorrent requires less dependencies and is more lightweight

uget would be a good tool to be added

clementine makes no sense on parrot security as we already have vlc, maybe we can add it to the studio edition

thefatrat needs to be packaged and debianized in our repository and no one wanted to do that

openrc is not ready for debian, but i’m here waiting to remove that fuckin’ systemd down there


(Lorenzo "Palinuro" Faletra) #4

IMPORTANT NEWS

i would like to release Parrot 4.0 or one of its first beta releases for March 28 2018

@mibofra what about the arm builds?


(r0r0x) #5

It would be quite cool to put a little Acvamarin on it again, it would give a very nice graphic design.


(Lorenzo "Palinuro" Faletra) #6

i know but the acvamarin theme seems to be discontinued and it is no longer compatible with modern gtk engines, it would not work on parrot and mate 1.20


(Mike Snowhill) #7

Well - what is the reason behind v4? What are the main architectural changes you want to achieve to justify the major release level bump? A list of user packages are not really relevant because anyone can add them themselves if they really want…


#8

Parrot in its present form is very good as it is, 3.11 64bit security i use and i can design it to my style, and what tools i need to use or test out, theres not much more thats needed tbh the standard design is good enough, installing different themes is up to the specific user, it is a workable design for everybody, and it works out of the box for most


#9

I personally think 4.0 should be used to not fundamentally change things but more optimise and tweak things behind the scenes and possibly push out patches to really just refine the OS and possibly try and get performance boosts. Also possibly simplifying the installation process I have found it to be a pain in the ass occasionally other than that I think its perfectly fine. Possibly adding a guide like Debian has as well would be a cool idea with brief tutorials or the most used tools ?


#10

Please make Anonsurf capable of restarting the Tor network in a live, encrypted-persistence (USB) installation. -->> Anonymous Mode Will Not Restart

I’m skeptical that merely restarting the Tor daemon (sudo service tor start/reload) will completely anonymize the TCP network. I get no Tor circuit by simply restarting the Tor daemon. Hence, none of my internet traffic is routed through Tor. Not sure if my VPN is leaking my MAC address.

Regardless, I LOVE running multiple VM’s in a Parrot host on a live, encrypted-persistence installation. But even Tails running in a VM will leak your MAC address if the host OS (Parrot) isn’t properly secured. -->> “The Tails virtual machine does not modify the behaviour of the host operating system and the network traffic of the host is not anonymized. The MAC address of the computer is not modified by the MAC address spoofing feature of Tails when run in a virtual machine (https://tails.boum.org/doc/first_steps/startup_options/mac_spoofing/index.en.html).”


#11

Is there will be any fixes for veil and wine in parrot v4?


(Musaab Osman) #12

I would greatly appreciate if you could make sure Mate’s HiDPI mode works properly :slight_smile:
When I use it, some of the UI elements spaz out.


(Mike Snowhill) #13

Agreed - Parrot is already very good! It just needs polishing up!

In which case it is not a major release - and it would continue on the 3.x line.

Again - what do you want to achieve with 4.x - is this not just looking for work…


(Mike Snowhill) #14

BTW - I seem to recall some discussion of “moving away” (Devuan) from systemd - that would justify v4.x status. Do not adopt Devuan - it would be a big mistake. It would also be a “Totally Different Distro” and not Parrot anymore.

HOWEVER - I think it would be a big mistake to assume that one knows better than the entire Debian community - or move away from a Debian base. Systemd for better/worse is the common accepted way across many platforms until something better comes along. It is better than initd - so we have that.

Personally - I really like Parrot the way it is - It is fantastic! how to make it better? You are not going to like this - Better Documentation! Debian is a staggering success because of fantastic documentation and coverage thereof.

Thanks once again for great distribution - I will be contributing to you guys for the great work - btw do you accept Litecoin? You should!


(517hum 54nd33p4) #15

@palinuro thanks :blush: for your reply.

@user42 I think parrot sec want architectural change like OpenRC . Otherwise developers are hate systemd . You can see it form this words

so systemd is big trouble for developer than user. If developer can migrate to OpenRC , user can use it as systemd will not trouble for user’s day today works.

@user42 & @Kernel_Troll parrot sec will have documentation after 4.0 release .

so guys if you like you can contribute it :wink: .


#17

I think the issue is that Systemd is terribly complacent and to be honest from my experience with Linux and Init on BSD is that the current crop of devs are going with what is fashionable and cool and possibly not what the eco system needs overall but that’s just my opinion. Debian is reasonably secure so by default Parrot is too. If you harden parrot and put it behind a OpenBSD firewall on a seperate system you are going to be a tough nut to crack if you follow reasonable security practices.

However I digress my point is that we should be developing to be secure and as bug free as possible and I feel Systemd goes against that thought process.


(Mike Snowhill) #18

I am not opposed to helping-out and writing-up some sections on some topics that I understand - sure!


(Mike Snowhill) #19

OpenBSD pf is a good point - it is also great - one of my other (many) “favorite things”.

The irony is that I use Parrot in a way that I am sure it was not designed to be used. I use is as my “daily-driver” and boot my Thinkpad T470 straight into Parrot - no other OS, nothing. And it is just perfect. I never use it as “pen testing” - the only “pen os” I use is Tails for deep level “skunk works” operations.

so one thing Parrot misses for installed systems is a good firewall (I am using ufw/gufw - but I do not really have good feeling about those…)


#20

Yeah I absolutely agree about OpenBSD a high level review for the UK Treasury department in 2008 review their cyber defenses for the Financially sensitive department and all they had back then protecting it was a checkpoint firewall which allowed everything through :stuck_out_tongue:.

It was quickly fixed using OpenBSD as well as making multiple DMZ’s for the different departments but my point about this story is Parrot are absolutely right about using FireJail but they probably need more than that. However because I am not skilled enough to write packages for them yet I won’t go on too much.

I personally use Parrot OS as one of my daily drivers. I use Windows 7, Windows 10, OpenSuse, OpenBSD and Parrot OS on a regular basis but I also use Debian on a notebook. My daily Driver of a Phone runs CopperHeadOS.

But honestly I think bug hunting and streamlining is the way forward with Parrot 4.0 possibly also look at long-term development of where the OS is going and layout a road map with goals ? I don’t know whether that is a good idea or not.

However we should also put links to Patreon and fundraising efforts in my opinion to help support the devs somehow integrate it into the forums a bit more obviously.


(Mike Snowhill) #21

Checkpoint = Israeli company = Mossad backdoor for large corporate and organizations.

Anyone who believes that these so-called “security companies” have your best interests at heart and are not working for/with their local governments to suck up all your data (especially big companies - for national competitive advantage / National security) is SADLY misguided.

And that is the sad conclusion - there is almost no-way to avoid being hacked/snooped by someone who really wants to get access to your personal data - you can take all the precautions - but at sovereign level you have no-chance as Snowden kindly let us know.