Re: Debian derivatives census: Parrot Security: welcome!

On Fri, 2016-06-03 at 12:57 -0400, Lorenzo Faletra wrote:

Hi Paul, i was invited here time ago but ipve never had the time to
add our page (it was easier than expected).

Yeah, we optimised the process for ease of signup :)

i'll subscribe as soon as possible, i'm new to the debian wiki

Should be an option in the UI when you are logged in.

We used in the past to make little changes to some debian binary
packages to perform minor fixes without recompiling everything, but
now we do every change respecting the debian standards and
recompiling our packages from sources, infact you're right and the
page needs to be fixed

Good to hear you've moved to building from source :)

An example of binary modification we did in the past (just for the
records) was to add our custom theme to geany-common, then we edited
all the other geany packages to require the correct version of geany-
common without cross-compile them for every architecture, but now we
do everything from source.

Interesting, thanks. I expect you could have just added a new package
for your geany theme. I'm not familiar with geany themes though.

I've already contacted the responsible of this package to add the
vendor field, thanks for the tip.

Great, thanks.

Our (little) developers community has never had this need, but it is
a good idea to have one, i'll try to discuss it with my team.

Probably setting the FaceBook page as your blog is the way to go.

We encountered some errors during our development path, but we
thought they were caused by our patches and modifications, but we are
always happy to open bug reports or contact involved package
maintainers when we are sure that the problem is not on our side, but
i'll try how-can-i-help.

Great :)

We are in strict collaboration with Caine (based on ubuntu) for what
concerns the digital forensics environment, while we imported many
debianized tools from kali where we thought it was useless to re-
invent the wheel, focusing only on what we want to do in our own way,
but we would be happy to make our relationship with kali more
official (and contribute back where possible), and also a
collaboration with tails and whonix would be interesting for what
concerns our development of anonsurf and other similar tools

I hadn't heard of Caine. It is amazing how many distros and tools there
are in the security space.

Our main DE is mate, and we provide a tiny derivative project which
uses lxde, but many users have experimented kde and i3 too, i'll try
to get a feedback from our community and see what changes should be
useful to be imported on debian too.

Great :)

We recently put our cloudflare firewall in aggressive mode due to
some recent attacks, but it we aregoing to restore it within monday,
some members of the team have also proposed to make our website
available as a tor hidden service and make our repository abailable
on tor too, but it is still in progress.

Good to hear :)

We have already added the dnssec and hsts options, i'll check why
they are not enabled, thanks for having reported that.

My DNSSEC test was minimal, just checked for RRSIG. TBH I did not check
HSTS but I did just now and it isn't present. You are also wasting some
header bytes on some weird X-* headers.
--
bye,
pabs

https://wiki.debian.org/PaulWise