News

Interest Article

Five things to know about SecureDrop

Over the past month, we’ve seen significant interest in newsrooms setting up SecureDrop. We’re excited to see more adoption of SecureDrop. Here are five things you should know before getting started: Read More

Security Advisory

SecureDrop Workstation 1.0.2 released

In internal code review, we found two security vulnerabilities in the SecureDrop Workstation. We have released SecureDrop Workstation 1.0.1 and SecureDrop Client 0.14.1 to fix both vulnerabilities. Read More

Interest Article

Advisory: Upgrade to Tails 6.11

Tails recently released version 6.11, which contains fixes for a number of critical security vulnerabilities. These vulnerabilities would require an attacker to have first gained access to the system remotely (which is not currently known to be possible), and the Tails team is not aware of any of these vulnerabilities … Read More

Interest Article

Looking back at October and November 2024

The second in our new series of regular project retrospectives Read More

Release Announcement

SecureDrop 2.11.1 Released

We’re pleased to announce that SecureDrop 2.11.1 has been released. This is a hotfix for a bug in this week’s 2.11.0 release that caused multiple spurious OSSEC alerts (“systemd OK: no failed units”) to be sent to administrators. Servers will be updated with this fix automatically on their next nightly … Read More

Interest Article

The long and winding road to safe browser-based cryptography

Browser-based cryptography has struggled with a longstanding chicken-and-egg problem that predates many features of the modern web, and while some of those features have reduced the problem’s severity, the issue remains: What is the basis for trusting the code that performs browser-based encryption? Read More

Release Announcement

SecureDrop 2.11.0 Released

We’re pleased to announce that SecureDrop 2.11.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found in the changelog on GitHub.SecureDrop 2.11.0 will automatically run checks to ensure all servers are ready for … Read More

Pre-Release Announcement

SecureDrop 2.11.0: Pre-Release Announcement

SecureDrop 2.11.0 is scheduled to be released Dec. 17. We will send out another notification through this blog, Mastodon, X, and the support portal when the release is live.We are soon approaching the end-of-life date for Ubuntu 20.04 (Focal), which all SecureDrops use. This release lays the foundation for an … Read More