Interest Article

Anatomy of a whistleblowing system

The SecureDrop team details the goals for a redesign of the platform’s server architecture and discusses the design constraints of a whistleblowing system. Read More

Interest Article

Consolidating SecureDrop Workstation’s Git repositories to make development easier

As the SecureDrop team previously announced, we’re shifting our focus in order to graduate SecureDrop Workstation from its pilot phase. One of the first steps we’ve taken in this direction is to reorganize and consolidate multiple related Git repositories to make development and releases easier and faster. Read More

Release Announcement

SecureDrop 2.7.0 Released

SecureDrop 2.7.0 has been released. This release includes a migration to Sequoia-PGP as the supported encryption backend, continuous localization support, and several other improvements. Read More

Interest Article

Migrating SecureDrop’s PGP backend from GnuPG to Sequoia

In the upcoming SecureDrop 2.7.0 release, we’ve made a technical change that will be invisible to users but improve reliability and robustness — and provide better security going forward.SecureDrop relies on the OpenPGP standard for encrypting all data and messages that pass through the server. Historically, we have used GnuPG, or GPG for this; we are now switching to the newer Sequoia-PGP library implemented in Rust.In this blog post, we’ll give an overview of the encryption in SecureDrop, and explain why and how we switched to Sequoia. Read More

Pre-Release Announcement

SecureDrop 2.7.0 Pre-Release Announcement

SecureDrop 2.7.0 is scheduled to be released on November 2, 2023. We will send out another notification through this blog, Mastodon, X (formerly Twitter), and the support portal when the release is live. Changes that journalists and administrators should be aware of are summarized in this blog post. Read More

Release Announcement

SecureDrop 2.6.1 Released

We’re pleased to announce that SecureDrop 2.6.1 has been released. This point release contains an update for Tails workstations only. Server code is not affected and will remain at version 2.6.0. Read More

Interest Article

Future directions for SecureDrop

Going forward, new features for SecureDrop will be focused on the Qubes OS-based SecureDrop Workstation. We are also developing a next-generation SecureDrop messaging and encryption protocol. This post discusses the motivations behind these new directions and explains what they mean for SecureDrop users and contributors. Read More

Release Announcement

SecureDrop 2.6.0 Released

We’re pleased to announce that SecureDrop 2.6.0 has been released. Server code will be automatically updated within 24 hours.This release includes a new SecureDrop menu for journalists and admins, more descriptive page titles, as well as other security improvements and bugfixes. Read More