In this post, we introduce Web-based Code Assurance and Transparency, a project that supports verifiable in-browser code for single-page browser applications. Along with this post, we are publishing the WEBCAT project repository; follow-up posts will provide more detailed information. Read More

SecureDrop 2.12.0 has been released, adding support for Ubuntu Noble, plus a semiautomated upgrade process. Administrators can upgrade themselves before April 15 or wait for our automated upgrade process after that date. Read More

SecureDrop 2.12.0 is scheduled to be released on March 18, 2025, adding support for Ubuntu Noble, plus a semiautomated upgrade process. Administrators will have three weeks following the release to perform the semiautomated upgrade, or wait for our automated upgrade process after that period. Read More

SecureDrop team member Kunal Mehta demo’d the SecureDrop Workstation at RightsCon 2025 on Feb. 25. You can watch a recording of the talk; the slides are also available. Read More

Over the next two months, all SecureDrops will see their underlying Ubuntu operating system upgraded from version 20.04 (code-named “Focal”) to 24.04 (“Noble”). This is the first time we’ve performed an in-place upgrade. This blog post explains the technical background and process that led to this. Read More

SecureDrop Workstation 1.1.1 has been released! This version adds support for Fedora 41-based system VMs and allows for more robust provisioning and updating. Read More

Over the past month, we’ve seen significant interest in newsrooms setting up SecureDrop. We’re excited to see more adoption of SecureDrop. Here are five things you should know before getting started: Read More

In internal code review, we found two security vulnerabilities in the SecureDrop Workstation. We have released SecureDrop Workstation 1.0.1 and SecureDrop Client 0.14.1 to fix both vulnerabilities. Read More