Verified Commit c199c9d6 authored by s1udge's avatar s1udge 💬

added to release notes, not complete yet

parent 097a4f60
_site _site
.sass-cache .sass-cache
.jekyll-metadata .jekyll-metadata
_posts/WIP-2019-04-26-parrot-4-6-release-notes.md
...@@ -12,98 +12,130 @@ categories: ...@@ -12,98 +12,130 @@ categories:
# Parrot 4.6 development notes # Parrot 4.6 development notes
We are proud to announce the release of Parrot 4.6, an important Parrot project update that came out after 3 months of heavy development. We are proud to announce the release of Parrot 4.6, an important Parrot OS update that came out after 3 months of heavy development.
--- ---
# Parrot Security KDE Edition # Parrot Security KDE Edition
After many user requests, we finally developed a Security edition featuring the KDE Plasma desktop environment. When we first added KDE, it was an experiment. We love Mate but we'd heard great things
Parrot now offers both MATE and KDE images for its Home and Security editions. about KDE and decided we could try and support two desktop environments. Because of the
work required to change everything from Mate to KDE. We started with KDE Home. The
feedback was immediate, you guys loved it. The recurring request since has been "how do I
add the tools". We heard you and it is finally here! A Security edition featuring the KDE
Plasma desktop environment.
We now offer both MATE and KDE images for the Home and Security editions.
![parrot security kde](../img/parrot-4.6-kde-security.jpg) ![parrot security kde](../img/parrot-4.6-kde-security.jpg)
--- ---
## Appearence updates # System Changes
## Appearance
Our design team developed a new graphic concept for Parrot 4.6, Our design [team](https://www.parrotsec.org/docs/team/#design-team) developed a new, ultra, awesome visual experience for Parrot 4.6,
which now includes a brand new boot splash animation and a new desktop background. feast your eyes on a new boot-splash animation and desktop background!
desktop-base and parrot-wallpapers were updated to reflect such changes and include the new Parrot appearence. The desktop-base and parrot-wallpapers also received some love and are updated to reflect
Themes and Icons are still the old ones. such changes including the new Parrot appearence.
**Note:**The themes and icons are still the same.
--- ---
# APT now enforces https ## APT now enforces https
We have modified our APT implementation to support https-to-http downgrades.
This allowed us to configure our repository as https by default. For visual reference
We modified our APT implementation to support https-to-http downgrades.
This allowed us to configure our repository as https by default.
Parrot 4.6 is now configured to serve signed index files via https by default, Parrot 4.6 is now configured to serve signed index files via https by default,
and the mirror redirector is configured to redirect traffic to its https mirrors when available. and the mirror redirector is configured to redirect traffic to https mirrors when available.
In case a https mirror is not available, the packages are downloaded by fallback http mirrors, but APT is made to verify the signatures. In case an https mirror is not available, the packages are downloaded by fallback http mirrors, but APT will still verify the signatures.
In other debian-based systems and in previous Parrot versions, mirrors use http by default, and https is just an exception. In other debian-based systems and previous Parrot OS versions, mirrors used http by default, and https is just an exception.
Http downloads don't represent a security risk because gpg signatures are more effective than ssl downloads in certifying repository integrity, as decribed on [this website - https://whydoesaptnotusehttps.com/](https://whydoesaptnotusehttps.com/), but we are working to make the downloads more secure, and make harder for bad providers to track user activities (i.e. knowing if a user is installing a specific software).
Http downloads don't represent a security risk because gpg signatures are more effective
--- than ssl downloads in certifying repository integrity, as described on [this website - https://whydoesaptnotusehttps.com/](https://whydoesaptnotusehttps.com/).
Although you can never eliminate risk of bad actors, we hope to increase the cost for
providers attempting to intercept or track user activities (i.e. knowing if a
# Anonsurf adds OpenNIC support user is installing specific software).
Anonsurf now integrates a new option to reconfigure the system DNS servers to use the OpenNIC DNS resolvers.
OpenNIC is a community-driven dns resolver provider that respects ---
## Anonsurf has OpenNIC support
Anonsurf now integrates a new option to change from the system DNS servers to OpenNIC DNS resolvers.
[OpenNIC](https://www.opennic.org) is a community-driven dns resolver provider that respects
user freedom and allows domain resolution of some special top level domains. user freedom and allows domain resolution of some special top level domains.
![OpenNIC features](../img/parrot-4.6-opennic.png) ![OpenNIC features](../img/parrot-4.6-opennic.png)
--- ---
# Minor updates # Minor updates
## better snap package support ## Better snap support
now shown in the applications menu by default Now when you install from snap it will show up in the applications menu by default
## updated apparmor and firejail profiles ## AppArmor and Firejail profiles have been updated
Sandboxed applications are now more stable and reliable than before, and we are pushing forward We are constantly trying to rebuild the sandbox :) We love firejail and AppArmor and we
our custom profiles development and testing. hope to achieve a state of near hassle-free setup and use. Sandboxed applications in
## better vpn support Parrot OS are now more stable and reliable than before, and we are pushing forward with
network-manager now integrates all the available vpn plugins by default plans to not only add more profiles but utilize firejails capabilites to it's fullest
## matrix and riot.im with our custom profiles development and testing.
revolt matrix client now replaces dino-im xmpp client.
MATRIX is a very powerful and advanced federated instant messaging protocol, and we are working to move ## Better OpenVPN support
our community to it. Setting up your VPN should be painless and quick. Network-manager now integrates all the
available VPN plugins by default, allowing that experience to be just that.
## reverse engineering news ## Matrix and Riot.IM
While we evaluate the inclusion of NSA's Ghidra, we decided to include Cutter, a powerful GUI to radare2, which is one of the most powerful reverse engineering frameworks out there. We love federated instant messaging protocols! We love [XMPP](https://xmpp.org/about/) and [Matrix](https://matrix.org/blog/index) for what they bring to the table.
Though we like [Dino](https://dino.im/) we realized we wanted something that was sexy, lightweight
and worked with XMPP and MTProto. Using Matrix does all of this and more through bridges.
Cutter makes it easier to work with the radare2 framework and pushes the Parrot reverse engineering capabilities to a new level. [Revolt](https://github.com/aperezdc/revolt) is a [Riot.IM](https://about.riot.im/) desktop integration written mostly in Python, and shell fits our needs perfectly. (Riot.IM is a chat client built on the Matrix protocol.)
## improved drivers support There are several Matrix clients to pick from and we're still testing. But as we work to move our community torward XMPP and Matrix we think it makes sense to have Revolt, you never know when skynet will be activated :)
Parrot 4.6 includes the Linux 4.19 kernel includes security patches, performance improvements and a better hardware support. ## Improved drivers support
Parrot 4.6 includes the Linux 4.19 kernel which contains several security patches, performance improvements and a better hardware support.
Moreover Parrot 4.6 features important updates for broadcom and other wireless chipset manufacturers, Moreover Parrot 4.6 features important updates for broadcom and other wireless chipset manufacturers,
and the Nvidia drivers were updated to the latest 410 version with better Quadro support. and the Nvidia drivers were updated to the latest 410 version with better Quadro support.
[Debian Kernel Changelog](https://metadata.ftp-master.debian.org/changelogs//main/l/linux-signed-arm64/linux-signed-arm64_4.19.28+2_changelog) - [Linux changelog](https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19)
## reverse engineering news
While we evaluate the inclusion of NSA's Ghidra, we decided to include [Cutter](https://github.com/radareorg/cutter), a powerful GUI to radare2, which is one of the most powerful reverse engineering frameworks out there.
Cutter makes it easier to work with the radare2 framework and pushes Parrot's reverse engineering capabilities to a new level.
## tool updates ## Tool updates
Many tools reveived important updates since the release of the previous Parrot version. From airgeddon to metasploit up to the latest bettercap version, all the tools are now up to date to their latest versions compatible with Parrot. Many tools received important updates since the release of the previous Parrot version. From airgeddon to metasploit up to the latest bettercap version, all the tools are now up to date to their latest versions compatible with Parrot.
## development support improved ## development support improved
...@@ -119,4 +151,11 @@ We are also proud to host the new [VSCodium website](https://www.vscodium.com) o ...@@ -119,4 +151,11 @@ We are also proud to host the new [VSCodium website](https://www.vscodium.com) o
## other system updates ## other system updates
The MATE desktop environment received some minor stability updates, and Firefox 65 was included. The MATE desktop environment received some minor stability updates, and Firefox 65 was included.
\ No newline at end of file
## The Road ahead
Write a brief summary of how things have changed within the Project (all
the people we added and how much things will change)
Then write up our roadmap to include:
The hardening we intend to do
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment