Parrot Security Review

Parrot OS offers a more secure desktop with practical tools for both newbies and veteran users that encourage better security habits. By Bruce By field

The Parrot OS home page [1] lists four major concerns: security, software freedom, a lightweight system, and cross-platform por­tability. To these concerns, it also adds a thorough development stack and the goal “to push newbies into good hab­its.” Of all these concerns, Parrot is best known for being security conscious. However, it succeeds in all of these concerns to a degree. In particu­lar, by making privacy and security tools part of the standard install, Parrot is probably most successful in pushing all users – not just newbies – into bet­ter security habits.

Parrot Security Review
Parrot Security Review

Figure 1: The Parrot OS’s MATE-based desktop.

Based on Debian Testing, Parrot OS is a rolling release, with packages updated as soon as they have been tested, al­though official releases are periodically released as well. It also offers a choice of MATE or KDE Plasma as a desktop environment. Parrot requires 256MB of RAM, making it lightweight by modern standards and suitable for older systems as well as new ones. Its goal of cross­platform portability is seen in the num­ber of downloads available. The Home Edition is for general users (Figure 1), and the Security Edition is for penetra­tion testing and other security work and programming (Figure 2). Both the Home and Security Editions run virtu­ally in Boxes and include images for VMware and VirtualBox. The Security Edition includes variants for IoT and cloud appliances. Parrot OS also offers a Pwnbox version that runs in a web browser and an ARMv7 architecture version. In addition, the installation im­ages for the Home and Security Editions include a Live version. Installation is via the Calamares installer (Figure 3), one of the simplest installation methods available for distributions.


Available Applications

Parrot OS’s most notable feature is its software selection. Only a handful of productivity applications are available, such as LibreOffice and Gimp, in keep­ing with the basic security principle of installing the minimum software re­quired in order to reduce the opportu­nities for possible attacks. Beyond these basics, users should install only the software they require. Even the game menu is limited to a 2D chess game – a hint, perhaps, at the intellec­tual users that Parrot expects to attract.

Both editions have the usual MATE system tools, such as BleachBit for cleaning up installed software and GParted for disk partitioning, but only the Security Edition includes a menu for starting and stopping services. Sim­ilarly, both editions include Vim and Neovim. However, the Home Edition includes only three dedicated program­ming tools: Geany, the programming text editor; links to VSCodium, a col­lection of open source binaries for Mi­crosoft’s Visual Studio Code; and Zeal, a help site for developers. By contrast, the Security Edition includes an addi­tional five applications and links, among them Git Cola, a GUI for Git; Meld, a diff and merge tool; and git-dag, a graphical depiction of Git history. From the selection of tools available in the two editions, the as­sumption seems to be that hobbyist programmers will use the Home Edi­tion, and administrators and more ad­vanced programmers working on large projects, often with remote versioning repositories, will install the Security Edition.

Parrot Security Review

Figure 2: The Security Edition contains dozens of scripts and apps, as shown by the extensive menu for penetration testing.

Parrot Security Review

Figure 3: Parrot OS uses the Calamares installer.

However, it is in privacy and security tools that Parrot OS really stands out. Some of these tools, such as the Elec­trum Bitcoin Wallet, the Ricochet chat app, or the GNU Privacy Assistant, are developed by other projects; others, such as OnionShare or AnonSurf, are devel­oped by the Parrot Project itself. Occa­sionally, the available tools overlap. For example, Parrot OS offers both Tor and I2P for anonymous web browsing, leav­ing users to decide which one to use.

Parrot Security Review

Figure 4: AnonSurf is an example of the simple efficiency of the apps designed by the Parrot Project.

The Home Edition focuses on pri­vacy. AnonSurf takes Tor one step fur­ther by anonymizing all system com­munication, beginning by shutting down potentially vulnerable apps and changing a user’s IP address with a single click of a button (Figure 4). Also included are five different encryption tools as well as a metadata cleaner and a secure file deleter. Unlike many pri­vacy tools, most of the tools in the Home Edition have easy-to-use graphic interfaces and embedded help that as­sume minimal prior knowledge. When a tool lacks a GUI, Parrot OS’s menu opens a terminal at the appropriate man page. As a result, more users should be encouraged to use these tools, and, perhaps, feel confident enough to learn more about the princi­ples behind them.

The Security Edition’s menu is domi­nated by the Pentesting (penetration test­ing) top-level menu for forensic investi­gations. The menu is so crammed with scripts and apps that the second-level menu contains 14 items, including Most Used Items, Information Gathering, Vul­nerability Analysis, Exploitation Tools, Password Attacks, Sniffing & Spoofing, and Reverse Engineering, to say nothing of third- and fourth-level menus, some of which are even longer. The entries alone are the start of an education – who knew, for example, that Linux was im­portant enough in the car industry that there would be an Automotive option?

All this is just an overview. Just listing the scripts and apps included in Parrot OS would take at least 5,000 words and fully documenting everything would take a book. Parrot OS essentially pro­vides a curated range of Linux privacy and security tools. Just having all these resources on one menu makes learning about security easier.


Security Accessibility

Security often means a trade-off with convenience, and Parrot OS is no ex­ception. To start with, KDE’s Plasma is hardly in keeping with the goal of being lightweight. For that matter, any desktop environment is just one more place where things can go wrong. For that reason, many security experts pre­fer to work exclusively from the com­mand line. In addition, while Debian Testing is often said to be more reliable than most distributions’ general re­leases, Debian Stable would be a more secure choice for building a distribu­tion. These choices seem to be made for the simple reason that many users prefer a desktop environment and to offer users apps closer to the latest re­leases (Debian Stable is sometimes several releases behind).

If Parrot OS does not offer the most se­cure distribution possible, it does offer more security than most distributions. Parrot OS installs with a wide range of privacy and security tools, many of which are easily configured or installed ready for use. More than anything, Par­rot OS offers easy access to privacy and security. Although Parrot is potentially more secure than most distributions, its greatest accomplishment is security edu­cation, something that is sadly lacking elsewhere despite years of concern and growing necessity. Parrot OS provides both a basic curriculum and a practical set of tools.


[1] Parrot OS:


Bruce Byfield is a computer journalist and a freelance writer and editor specializing in free and open source software. In addition to his writing projects, he also teaches live and e-learning courses. In his spare time, Bruce writes about Northwest Coast art (http://brucebyfield. wordpress. com). He is also co-founder of Prentice Pieces, a blog about writing and fantasy at

Series Navigation<< Lubuntu 21.10 Review
TNR earns Amazon affiliate commissions from qualifying purchases. You can support the site directly via Paypal donations ☕. Thank you!

Let us know your thoughts on a product or view reviews from our members, independent experts and other websites.

Leave a reply

Compare items
  • Total (0)
Shopping cart