Security Advisory: Misconfigured package repository servers and developer infrastructure
An internal review discovered that some servers maintained by Freedom of the Press Foundation (FPF) and used to support SecureDrop were installed in an insecure manner. Read More
How to research your own cryptography and survive
This blog post is a part of a series about our research toward the next-generation SecureDrop server. In part 1, “Future directions for SecureDrop,” we outlined our current work on the Qubes OS-based SecureDrop Workstation and described our plans for a redesign of SecureDrop. In part 2, “Anatomy of a … Read More
SecureDrop Client 0.10.1 Released
SecureDrop Client 0.10.1, part of the SecureDrop Workstation, has been released. This is a hotfix for a bug in yesterday’s 0.10.0 release that prevented the printing of source conversation transcripts. Users will receive this update the next time they run the updater. We apologize for any inconvenience caused. Read More
SecureDrop Client 0.10.0 Released
We’re pleased to announce that SecureDrop Client 0.10.0, part of the SecureDrop Workstation, has been released. Changes that pilot participants should be aware of are below; a complete list of changes can be found on GitHub.What’s new in SecureDrop Client 0.10.0? Read More
SecureDrop 2.8.0 Released
We’re pleased to announce that SecureDrop 2.8.0 has been released. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub. Read More
SecureDrop 2.8.0: Pre-Release Announcement
SecureDrop 2.8.0 is scheduled to be released on March 12, 2024. We will send out another notification through this blog, Mastodon, X, and the support portal when the release is live. Changes that journalists and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub. Read More
Anatomy of a whistleblowing system
The SecureDrop team details the goals for a redesign of the platform’s server architecture and discusses the design constraints of a whistleblowing system. Read More
Consolidating SecureDrop Workstation’s Git repositories to make development easier
As the SecureDrop team previously announced, we’re shifting our focus in order to graduate SecureDrop Workstation from its pilot phase. One of the first steps we’ve taken in this direction is to reorganize and consolidate multiple related Git repositories to make development and releases easier and faster. Read More