I was hacked by a hacker for 2 years. For 2 years this hacker hacked every device that was near me. Because of the fact that I found out his identity and the identity of other hackers that he is involved with, he harassed the hell out of me and my family for two years. He trapped me in a virtual machine with fake internet, fake apps, fake everything.
I am not going to get into too many details about this but there is a large group of well paid hackers hacking every device globally. The two methods that they use is flashing areas where your firmware is stored such as the bin file area of your DVD/CD optical drive and replacing your EFI boot-loader. They then create a hidden root folder section and take full administrator control over your device. They are using an Arch-Linux file system.
When I first started using Linux, I wanted to use Arch-Linux but the Parrot Distro was the only Linux distribution that included the WIFI driver which was needed for me to connect to the internet. I installed many Linux distributions and none of them allowed me to connect to the internet. Since then, I have fell in love with Parrot. For me it is the best operating system available.
PARROT MUST HAVE BETTER SECURITY
What would really make Parrot stand out from the crowd is to add two simple security tools. Simple for someone that knows that knows what they are doing better than me. First, at this link there is an awesome tutorial on how to install a very secure system which Archlinux.
Secure your boot process: UEFI + Secureboot + EFISTUB + Luks2 + lvm + ArchLinux
https://nwildner.com/posts/2020-07-04-secure-your-boot-process/
The first part of this method allows you to store your Luks container keys on a separate drive in another Luks container. You can even store them in a USB device. I could not figure out how to do this with a Parrot installation. The crypto_keyfile.bin is totally vulnerable while your system is decrypted and running.
Also, if the developers of Parrot created an automated script to sign the kernel using custom keys for the UEFI secure boot process this would really make Parrot stand out from the crowd. I am just now learning about this. The keys can be generated using the well-known mkkeys.sh script.
https://www.rodsbooks.com/efi-bootloaders/mkkeys.sh
Better detailed instructions can be found here:
When I was hacked the loop device rootkit took control over Parrot very easily. However, when I used the Discreete Linux distro it not only disabled this rootkit but it allowed me to disassemble the rootkit. Discreete Linux seems to have been abandoned for some years now. I wish Parrot was hardened and secure as this old Linux distro.
Please! Please add these security features to Parrot. Thank you.