Tails recently released version 6.11, which contains fixes for a number of critical security vulnerabilities. These vulnerabilities would require an attacker to have first gained access to the system remotely (which is not currently known to be possible), and the Tails team is not aware of any of these vulnerabilities … Read More

The second in our new series of regular project retrospectives Read More

We’re pleased to announce that SecureDrop 2.11.1 has been released. This is a hotfix for a bug in this week’s 2.11.0 release that caused multiple spurious OSSEC alerts (“systemd OK: no failed units”) to be sent to administrators. Servers will be updated with this fix automatically on their next nightly … Read More

Browser-based cryptography has struggled with a longstanding chicken-and-egg problem that predates many features of the modern web, and while some of those features have reduced the problem’s severity, the issue remains: What is the basis for trusting the code that performs browser-based encryption? Read More

We’re pleased to announce that SecureDrop 2.11.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found in the changelog on GitHub.SecureDrop 2.11.0 will automatically run checks to ensure all servers are ready for … Read More

SecureDrop 2.11.0 is scheduled to be released Dec. 17. We will send out another notification through this blog, Mastodon, X, and the support portal when the release is live.We are soon approaching the end-of-life date for Ubuntu 20.04 (Focal), which all SecureDrops use. This release lays the foundation for an … Read More

Our annual project update for Aaron Swartz Day Read More

SecureDrop Client 0.14.0, part of the SecureDrop Workstation, has been released. Along with other changes, this release adds support for selecting and deleting multiple sources simultaneously, improving the experience for users managing high-traffic instances. Read More