Interest Article

All news
Interest Article

Second independent audit of SecureDrop Workstation completed

We are pleased to announce that Trail of Bits has completed the second independent audit of the SecureDrop Workstation, directly funded by The New York Times. This audit, which took place in December 2020 and January 2021, is the result of a two-engineer, six person-weeks effort. The SecureDrop Workstation, based on Qubes OS, is our next-generation platform which allows journalists to safely retrieve, decrypt, open and export anonymous submissions. It is currently being used in a limited pilot, and the first audit of the SecureDrop Workstation was completed in late 2018. Read More

Interest Article

Advisory: Outage of some long-running instances after SecureDrop 1.7.0 release

On January 27, the SecureDrop 1.7.0 update affected the availability of some longer running SecureDrop instances. This was due to a bug introduced by a recent code change. Read More

Interest Article

SecureDrop Advisory: End-of-life for v2 onion services and Ubuntu 16.04

SecureDrop administrators and users should be aware of two upcoming critical migrations that are required to keep SecureDrop instances online. Read More

Interest Article

Advisory: Temporary Certificate Error on apt.freedom.press

On January 3, the HTTPS certificate for the the SecureDrop package repository, apt.freedom.press, expired. It has since been renewed. The temporary expiry was the result of an oversight on our part. It did not cause any delays of pending software updates for your SecureDrop servers, and no administrative action is required. Read More

Interest Article

Introducing Onion Names for SecureDrop

We are pleased to announce that human-readable onion addresses in the format (yourname).securedrop.tor.onion are now available for SecureDrop instances using v3 onion services that are listed in the SecureDrop directory. Read More

Interest Article

COVID-19 Advisory: SecureDrop and Remote Work

Current WHO recommendations for social distancing due to the ongoing COVID-19 pandemic may make it difficult for organizations to check SecureDrop. The Secure Viewing Station (SVS) is typically stored in a secure and centralized location, which may not be accessible to journalists working remotely.Your workplace might already have Business Continuity Plans and work-from-home security guidance relevant to this scenario. The following recommendations are specific to the usage of SecureDrop in a distributed environment and should complement these policies. Read More

Interest Article

Piloting SecureDrop Workstation for Qubes OS

In March, Freedom of the Press Foundation will begin to pilot SecureDrop Workstation for Qubes OS with select news organizations. The goal of the project is to make the SecureDrop experience more intuitive, and to decrease the time-on-task for journalists, without compromising security. Read More

Interest Article

Advisory: Installation/Workstation Update Failure on Tails 3.15

Update, July 22, 2019: Thanks to collaboration between the Tails and Tor teams, this issue has been resolved. Read More