Interest Article

All news
Interest Article

Introducing Onion Names for SecureDrop

We are pleased to announce that human-readable onion addresses in the format (yourname).securedrop.tor.onion are now available for SecureDrop instances using v3 onion services that are listed in the SecureDrop directory. Read More

Interest Article

COVID-19 Advisory: SecureDrop and Remote Work

Current WHO recommendations for social distancing due to the ongoing COVID-19 pandemic may make it difficult for organizations to check SecureDrop. The Secure Viewing Station (SVS) is typically stored in a secure and centralized location, which may not be accessible to journalists working remotely.Your workplace might already have Business Continuity Plans and work-from-home security guidance relevant to this scenario. The following recommendations are specific to the usage of SecureDrop in a distributed environment and should complement these policies. Read More

Interest Article

Piloting SecureDrop Workstation for Qubes OS

In March, Freedom of the Press Foundation will begin to pilot SecureDrop Workstation for Qubes OS with select news organizations. The goal of the project is to make the SecureDrop experience more intuitive, and to decrease the time-on-task for journalists, without compromising security. Read More

Interest Article

Advisory: Installation/Workstation Update Failure on Tails 3.15

Update, July 22, 2019: Thanks to collaboration between the Tails and Tor teams, this issue has been resolved. Read More

Interest Article

Advisory: SecureDrop is no longer accepting submissions. Now what?

As of May 1, 2019, Ubuntu 14.04 (Trusty) has reached End of Life. SecureDrop instances running Trusty will no longer receive security updates for operating system packages, the kernel, or SecureDrop itself.  This means that a sufficiently severe vulnerability discovered in any of those components may permit an adversary to … Read More

Interest Article

We're making SecureDrop.org open source

Today we’re making public on GitHub the code that powers the SecureDrop.org website. SecureDrop has been open source since its inception. Starting today, its website is as well, under the same GNU Affero General Public License (AGPL). Read More

Interest Article

Advisory: Why you must manually upgrade your SecureDrop servers before April 30

SecureDrop installations set up before version 0.12.0 (released on February 26, 2019) that have not been upgraded yet are using Ubuntu 14.04 LTS (Trusty) as the server operating system. On April 30 2019, Trusty will reach End of Life, and will no longer receive security updates. If you have not … Read More

Interest Article

Security at every step: how we’re checking SecureDrop landing pages

How do whistleblowers find out about a news organization’s SecureDrop? The most common answer is a landing page, an ordinary web page hosted by the organization operating a SecureDrop. It explains how sources can download the Tor browser, and how they can safely connect to the onion address of the … Read More