SecureDrop Workstation 0.11.0 (Qubes 4.1) has reached end-of-life
SecureDrop Workstation instances using Qubes 4.1 have reached end-of-life, and will not receive security updates after July 31, 2024.SecureDrop Workstation 1.0.0 is based on Qubes 4.2; users should migrate to it as soon as possible. Our backup and restore documentation covers the steps that are required to migrate to SecureDrop … Read More
Shutting down the SecureDrop forum
The SecureDrop team is planning to shut down the SecureDrop forum at https://forum.securedrop.org/ on July 30, 2024. Read More
Introducing SecureDrop Protocol
This blog post is a part of a series about our research toward the next generation of the SecureDrop whistleblowing system. If you haven’t been following along, check out our previous post for some recommended context.Here, we present a proposed end-to-end encryption protocol for a future version of SecureDrop server, … Read More
How to research your own cryptography and survive
This blog post is a part of a series about our research toward the next-generation SecureDrop server. In part 1, “Future directions for SecureDrop,” we outlined our current work on the Qubes OS-based SecureDrop Workstation and described our plans for a redesign of SecureDrop. In part 2, “Anatomy of a … Read More
Anatomy of a whistleblowing system
The SecureDrop team details the goals for a redesign of the platform’s server architecture and discusses the design constraints of a whistleblowing system. Read More
Consolidating SecureDrop Workstation’s Git repositories to make development easier
As the SecureDrop team previously announced, we’re shifting our focus in order to graduate SecureDrop Workstation from its pilot phase. One of the first steps we’ve taken in this direction is to reorganize and consolidate multiple related Git repositories to make development and releases easier and faster. Read More
Migrating SecureDrop’s PGP backend from GnuPG to Sequoia
In the upcoming SecureDrop 2.7.0 release, we’ve made a technical change that will be invisible to users but improve reliability and robustness — and provide better security going forward.SecureDrop relies on the OpenPGP standard for encrypting all data and messages that pass through the server. Historically, we have used GnuPG, or GPG for this; we are now switching to the newer Sequoia-PGP library implemented in Rust.In this blog post, we’ll give an overview of the encryption in SecureDrop, and explain why and how we switched to Sequoia. Read More
Future directions for SecureDrop
Going forward, new features for SecureDrop will be focused on the Qubes OS-based SecureDrop Workstation. We are also developing a next-generation SecureDrop messaging and encryption protocol. This post discusses the motivations behind these new directions and explains what they mean for SecureDrop users and contributors. Read More