Should beginners install Kali Linux on their computers?

Credit: Piyal Kundu

Also in today's open source roundup: Black Lab Linux 7.6 released, and the meaning of Bash on Microsoft's Windows operating system

DistroWatch reviews Kali Linux 2016.1

Kali Linux is bird of a slightly different feather, in terms of Linux distributions. Kali's focus is on security and forensics, but some Linux novices have been installing it without knowing much about either thing. DistroWatch has a full review of Kali Linux 2016.1 and doesn't think it's really appropriate for beginners.

Jesse Smith reports for DistroWatch:

Kali Linux, which was formally known as BackTrack, is a forensic and security-focused distribution based on Debian's Testing branch. Kali Linux is designed with penetration testing, data recovery and threat detection in mind. The project switched over to a rolling release model earlier this year in an effort to provide more up to date security utilities to the distribution's users.

By the time I was finished my trial with Kali Linux I was more puzzled than when I started as to why I keep hearing about new Linux users installing the distribution. Nothing on the project's website suggests it is a good distribution for beginners or, in fact, anyone other than security researches. In fact, the Kali website specifically warns people about its nature.

That is not to say Kali isn't a good distribution. The project has a very precise mission: provide a wide variety of security tools in a live (and installable) package. As a live disc a professional can take with them to jobs and use from any computer, Kali does quite well. The catch is we need to already be familiar with the security tools Kali provides. Friendly and discoverable graphical applications are few and far between with Kali and almost everything is done from the command line.

…I would like to mention something that using Kali Linux highlighted for me this week. Kali Linux is good at what it does: acting as a platform for up to date security utilities. But in using Kali, it became painfully clear that there is a lack of friendly open source security tools and an even greater lack of good documentation for these tools. Some of the tools Kali ships I had used before and some I had not. And, being exposed to the new tools, I was struck by just how unfriendly their help pages and documentation were for learning what each tool was and how it was to be used. This is not a fault of Kali Linux, but certainly a fault many upstream software projects share. I think we, as developers, need to be reminded that everyone uses our software for the first time once, and they're not likely to use it a second time if we do a poor job of making our software easy to learn.

More at DistroWatch

Jesse Smith's review of Kali Linux 2016.1 spawned a thread on the Linux subreddit and folks there weren't shy about sharing their opinions about his review or about beginners that try to run Kali:

A_dank_knight: "Seriously, how do you review Kali Linux if you aren't a knowledgeable penetration tester and that's not your audience?

The point of it is penetration testing, if it's good at that is the only criterion of quality for it. This review is seriously reviewing it on the usability of its GNOME implementation and not a word about actual penetration testing. I doubt that whomever this is meant for is going to care about the former and is much more intrested in the latter.

Jensreuterberg: "It's sort of the point I thought… I mean Kali Linux is one of those distro's that new arrivals to Linux seem to install by the truck load. I don't know how often in different "Eye Candy" threads I've read "oh this is Kali Linux" and some inquiring later you realize that they don't even grasp what "penetration testing" is.

I assumed, when reading the review, that Jessie Smith was coming from that vantage point too - wanting to find out why a lot of people install Kali without knowing why."

Entze: "Problem is that many inexperienced users use Kali as their main distro because they see "penetration testing" and think of it as normal GNU/Linux with some hax0r tools. While Kali is not suited for non-penetration testing audience.

Maybe they wanted to review it with this problem in mind. Thus reviewing it as normal distro rather than a pentest distro."

RK65535: "The reasons why novices start with Kali is, quite simply, Linux has the reputation of being associated with hackers. I bet those people were thrown off when they heard of Elementary or some other distro and saw that they couldn't break into their neighbors WiFi with it right out of the box."

Galt42: "Novices start with Kali?

God… there's so much you have to know in order to do anything. Like the command line, for instance."

Sdm1031: "Being a Kali user, when the circumstance calls for it, I found this review to be so flawed. Kali is aimed at a particular subset of Linux users. Pentesters, hackers, etc. Those that are in that niche generally already know the tools they want to use. Even if there is a tool included that a person has not used, the subset of people that would be using this distro would know how to find the help needed to use said tool.

The reviewer made it sound like it's a horrible thing that the tools were mostly from shell and not GUI. I personally think this was a horrible review on so many points. Kali is designed for a specific audience. If you want to run Gnucash or Libreoffice, go install something that's more suited towards workstation usage, not a distro that's designed for a specific purpose."

More at Reddit

1 2 Page 1
From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies