News

Interest Article

Five things to know about SecureDrop

Over the past month, we’ve seen significant interest in newsrooms setting up SecureDrop. We’re excited to see more adoption of SecureDrop. Here are five things you should know before getting started: Read More

Feb 18 2025, 4:00 PM
Read More
Security Advisory

SecureDrop Workstation 1.0.2 released

In internal code review, we found two security vulnerabilities in the SecureDrop Workstation. We have released SecureDrop Workstation 1.0.1 and SecureDrop Client 0.14.1 to fix both vulnerabilities. Read More

Feb 13 2025, 4:00 PM
Read More
Interest Article

Advisory: Upgrade to Tails 6.11

Tails recently released version 6.11, which contains fixes for a number of critical security vulnerabilities. These vulnerabilities would require an attacker to have first gained access to the system remotely (which is not currently known to be possible), and the Tails team is not aware of any of these vulnerabilities … Read More

Jan 9 2025, 4:00 PM
Read More
Interest Article

Looking back at October and November 2024

The second in our new series of regular project retrospectives Read More

Dec 20 2024, 4:00 PM
Read More
Release Announcement

SecureDrop 2.11.1 Released

We’re pleased to announce that SecureDrop 2.11.1 has been released. This is a hotfix for a bug in this week’s 2.11.0 release that caused multiple spurious OSSEC alerts (“systemd OK: no failed units”) to be sent to administrators. Servers will be updated with this fix automatically on their next nightly … Read More

Dec 19 2024, 4:00 PM
Read More
Interest Article

The long and winding road to safe browser-based cryptography

Browser-based cryptography has struggled with a longstanding chicken-and-egg problem that predates many features of the modern web, and while some of those features have reduced the problem’s severity, the issue remains: What is the basis for trusting the code that performs browser-based encryption? Read More

Dec 19 2024, 3:00 PM
Read More
Release Announcement

SecureDrop 2.11.0 Released

We’re pleased to announce that SecureDrop 2.11.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found in the changelog on GitHub.SecureDrop 2.11.0 will automatically run checks to ensure all servers are ready for … Read More

Dec 17 2024, 5:00 PM
Read More
Pre-Release Announcement

SecureDrop 2.11.0: Pre-Release Announcement

SecureDrop 2.11.0 is scheduled to be released Dec. 17. We will send out another notification through this blog, Mastodon, X, and the support portal when the release is live.We are soon approaching the end-of-life date for Ubuntu 20.04 (Focal), which all SecureDrops use. This release lays the foundation for an … Read More

Dec 13 2024, 4:00 PM
Read More