SecureDrop 2.12.2 has been released. This release enables the first phase of automated Noble upgrades and provides an additional check to verify the state of Ethernet interfaces prior to upgrade. Read More

SecureDrop Workstation 1.1.2 has been released! This version removes the “sd-retain-logvm” that was created for forensic analysis purposes in response to a vulnerability disclosed in February. Read More

SecureDrop 2.12.1 has been released. This is an Admin Workstation-only release, which improves the reliability of the semiautomated Ubuntu Noble upgrade when using SSH-over-Tor. Read More

In this post, we introduce Web-based Code Assurance and Transparency, a project that supports verifiable in-browser code for single-page browser applications. Along with this post, we are publishing the WEBCAT project repository; follow-up posts will provide more detailed information. Read More

SecureDrop 2.12.0 has been released, adding support for Ubuntu Noble, plus a semiautomated upgrade process. Administrators can upgrade themselves before April 15 or wait for our automated upgrade process after that date. Read More

SecureDrop 2.12.0 is scheduled to be released on March 18, 2025, adding support for Ubuntu Noble, plus a semiautomated upgrade process. Administrators will have three weeks following the release to perform the semiautomated upgrade, or wait for our automated upgrade process after that period. Read More

SecureDrop team member Kunal Mehta demo’d the SecureDrop Workstation at RightsCon 2025 on Feb. 25. You can watch a recording of the talk; the slides are also available. Read More

Over the next two months, all SecureDrops will see their underlying Ubuntu operating system upgraded from version 20.04 (code-named “Focal”) to 24.04 (“Noble”). This is the first time we’ve performed an in-place upgrade. This blog post explains the technical background and process that led to this. Read More