Five things to know about SecureDrop
Over the past month, we’ve seen significant interest in newsrooms setting up SecureDrop. We’re excited to see more adoption of SecureDrop. Here are five things you should know before getting started: Read More
SecureDrop Workstation 1.0.2 released
In internal code review, we found two security vulnerabilities in the SecureDrop Workstation. We have released SecureDrop Workstation 1.0.1 and SecureDrop Client 0.14.1 to fix both vulnerabilities. Read More
Advisory: Upgrade to Tails 6.11
Tails recently released version 6.11, which contains fixes for a number of critical security vulnerabilities. These vulnerabilities would require an attacker to have first gained access to the system remotely (which is not currently known to be possible), and the Tails team is not aware of any of these vulnerabilities … Read More
Looking back at October and November 2024
The second in our new series of regular project retrospectives Read More
SecureDrop 2.11.1 Released
We’re pleased to announce that SecureDrop 2.11.1 has been released. This is a hotfix for a bug in this week’s 2.11.0 release that caused multiple spurious OSSEC alerts (“systemd OK: no failed units”) to be sent to administrators. Servers will be updated with this fix automatically on their next nightly … Read More
The long and winding road to safe browser-based cryptography
Browser-based cryptography has struggled with a longstanding chicken-and-egg problem that predates many features of the modern web, and while some of those features have reduced the problem’s severity, the issue remains: What is the basis for trusting the code that performs browser-based encryption? Read More
SecureDrop 2.11.0 Released
We’re pleased to announce that SecureDrop 2.11.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found in the changelog on GitHub.SecureDrop 2.11.0 will automatically run checks to ensure all servers are ready for … Read More
SecureDrop 2.11.0: Pre-Release Announcement
SecureDrop 2.11.0 is scheduled to be released Dec. 17. We will send out another notification through this blog, Mastodon, X, and the support portal when the release is live.We are soon approaching the end-of-life date for Ubuntu 20.04 (Focal), which all SecureDrops use. This release lays the foundation for an … Read More