We are pleased to announce the release of SecureDrop 1.3.0. Changes that sources, journalists, and administrators should be aware of are summarized in this blog post. A complete list of changes can be found on GitHub.
What’s new in SecureDrop 1.3.0?
For sources
- Security / behavior change: Messages submitted as text through the Source Interface are now restricted to a maximum length of 100,000 characters (the default upload limit for files, 500 MB, has not been modified). The length of text messages was previously not restricted, which presented a low severity denial of service vector for applications such as the SecureDrop Client. (Pull Request)
- Bugfix: Sources now no longer see an error if they attempt to create a codename after already having done so in another browser tab. Instead, they now see a message letting them know that they are already logged in. (Issue, Pull Request)
- UI update: The “Remember, your codename is:” hint on the submission page has been moved to the top of the page for easier discoverability, and the “Read Replies” section now more clearly indicates when there are no replies. (Issue, Pull Request, Screenshot)
- UI update / behavior change: The messaging in the Source Interface has been updated to account for a new placement and appearance of the “New Identity” button in recent versions of Tor Browser. In addition, sources will now see a dedicated page after logging out, to focus attention on the recommendation to click the “New identity” button. (Issue, Pull Request)
- UI update: The Source Interface now uses language like “our team” where it previously used language like “our journalists”, to avoid confusion in cases where SecureDrop is used by organizations that are not newsrooms. (Issue, Pull Request)
For journalists
- Bugfix: Visiting a path that does not exist in the Journalist Interface no longer produces an internal server error. (Issue, Pull Request)
For administrators
- New feature: You can now restore a backup without also applying the Tor service configuration from the backup to your Application Server. This can be useful if the Tor service configuration has changed since the last backup, e.g., because v3 services were enabled. (Issue, Pull Request)
- Bugfix: This release includes two fixes for the graphical updater for Journalist and Admin Workstations. Note that these fixes will only take effect after you have applied this update to your workstations.
- The updater now more reliably handles input of the Tails admin password, and reports timeout errors. (Issue, Pull Request)
- The updater now exits silently and adds a syslog entry if it is already running, instead of displaying a message to the user. Previously, the message was displayed during the update process. (Issue, Pull Request)
- New guides: The documentation includes two new guides for admins:
- a guide to offboarding journalists or administrators. (Issue, Pull Request)
- a guide to updating the BIOS on the recommended Intel NUC hardware. (Pull Request)
- Kernel update: This release includes an update from version 4.14.154 to 4.14.175 of the grsecurity-patched kernel. (Issue, Pull Request)
- Dependency updates: The following dependencies on the SecureDrop workstations and servers have been updated:
- Workstations: Ansible from version 2.7.13 to 2.9.7 (Issue, Pull Request, Changelogs: 2.7, 2.8, 2.9)
- Servers: OSSEC from version 3.0.0 to 3.6.0 (Pull Request, Changelogs)
- Servers: Tor from version 0.4.1.6 to 0.4.2.7 (Issue, Pull Request, Changelogs)
For developers
- Journalist API:
- Performance improvement: SecureDrop now caches the public keys of sources, to significantly improve performance of the /get_all_sources endpoint. (Issue, Pull Request)
- Bugfix: The /replies endpoint now correctly returns replies associated with a deleted journalist account. (Issue, Pull Request)
- Metadata API Update: The publicly accessible SecureDrop metadata endpoint at yoursourceinterfaceaddress.onion/metadata now includes the addresses of your Source Interface (v2 and/or v3 address, depending on configuration). (Issue, Pull Request)
What administrators need to do
SecureDrop Application and Monitor Servers will be updated to SecureDrop 1.3.0 automatically within 24 hours of the release.
Please note that the automatic upgrade path from 1.2.2 to 1.3.0 will be supported throughout the 1.3.x and 1.4.x release series. Automated upgrades from 1.2.2 will not be supported to the 1.5.x release series. If your servers fail to automatically upgrade to 1.3.0 after this release, please contact us.
As with previous releases, we recommend that you update your Tails workstations to the latest version of Tails and the latest version of SecureDrop. Please see our upgrade guide for instructions.
This release includes a kernel update. While we have tested this kernel extensively on supported hardware, it is possible that it will cause problems on your servers after the update. Please see our upgrade guide for information about troubleshooting and temporarily downgrading your kernel.
Acknowledgments
This release was made possible thanks to volunteer code and documentation contributions by DrGFreeman, Pieter Vanderpol, Prateek Jain, and Whistleblower Aid.
The translations for all supported languages were updated thanks to the work of many volunteers:
- Arabic: Thalia Rahme
- Catalan: John Smith
- Czech: 1000101
- Chinese: Chi-Hsun Tsai
- Dutch: kwadronaut
- French: AO
- German: Robin Schubert, John Hensley
- Greek: Adrian, Dimitris Maroulidis
- Hindi: Drashti
- Icelandic: Oktavia, Sveinn í Felli
- Italian: Claudio Arseni
- Norwegian: Allan Nordhøy, Øyvind Bye Skille
- Portuguese (Brazil): communiaa
- Romanian: robbpa
- Russian: Andrey
- Slovak: 1000101
- Spanish: Zuhualime Akoochimoya
- Swedish: Jonas Waga, Allan Nordhøy
- Turkish: tekrei
Thanks to the Localization Lab for supporting this effort.
This release incorporates Freedom of the Press Foundation contributions by Kevin O’Gorman (Release Manager), Allie Crevier (Deputy RM), Kushal Das (Localization Manager), John Hensley (Deputy LM), Jen Helsby, Mickael E., Conor Schaefer, Rowen S., Nina Alter, and Erik Moeller.
Questions and comments
If you have questions or comments regarding this release, please contact us:
- Via our Support Portal, if you are a member (membership is available to SecureDrop administrators on request);
- Via securedrop@freedom.press (GPG encrypted) for sensitive security issues (please use judiciously);
- Via our community forums.
We also encourage you to file non-sensitive issues you encounter in our GitHub repository (issue report form).
Thank you for using SecureDrop!