ROSA Marathon is a Linux distribution derived from Mandriva Desktop. It is developed by ROSA Labs, a Linux solutions provider based in Moscow, Russia. ROSA Marathon 2012, the latest edition, was released just a few days ago. As a Mandriva-drived distribution, ROSA Marathon retains all the excellent graphical (management) applications of its parent distribution.
One of those applications, is the installer. While I will not necessarily describe it as an “excellent application”, it is one of the very few graphical installation programs with support for disk encryption, which is a very important feature to have and configure if you want to boost the physical security profile of your computer.
But while other graphical installers with support for disk encryption, like Anaconda, the Fedora system installer, for example, support encryption of all partitions other than the boot partition, it is not possible to encrypt the root partition with ROSA Marathon’s installer.
The following image shows what happens during disk partitioning if you mount a partition at /, the root partition’s mount point.
And if you decide to put the /usr directory on a separate partition, it, too, cannot be encrypted.
Same for the partition mounted at /var.
About the only major partition that the installer will allow you to encrypt, is the one mounted at /home, where all user home directories and folders are located.
So, does encrypting just the home partition offer the same level of physical security as encrypting everything? To a large extent, yes, because the net effect is that the system will not boot until the home partition’s encryption passphrase is specified. The image below shows what you will see anytime you boot the computer.
Anybody attempting to login will, after seven failed attempts, see this.
And even if the person knows the root password, there is still very little (s)he can do, hopefully, unless (s)he is a ninja Black Hat.
ROSA may have a nice installer that will allow you to encrypt the drive but it crashes when trying to install codecs to play basic music and video files same as with Mageia… … except Mageia is worse because while it correctly detects the audio hardware and installs the driver there is no sound at all and trying to fix it with the advice on their forum results in no improvement. Funny thing is that sound works correctly with Mandriva which Mageia is based on. I just do not understand how a few Distribution developers cannot get the basic correct when the vast majority can.
In test installations on real hardware and virtual environment, sound works just fine on ROSA Marathon 2012 – out of the box. Never had to tweak anything.