Our annual project update for Aaron Swartz Day

Nathan Dyer, newsroom support engineer for the SecureDrop team, recently delivered the annual “State of the Drop” update, highlighting developments and news for the project from the past year.

SecureDrop was originally created by Aaron Swartz and Kevin Poulsen; you can still see Aaron’s first commit to the SecureDrop Git repository. Our continuing work is built on the foundation Aaron created.

You can watch the State of the Drop, along with the other 2024 Aaron Swartz Day talks, in the podcast linked below:

In the presentation, we highlighted the work that was completed throughout 2024. We have added a number of organizations to the SecureDrop Directory. We’ve also released four SecureDrop Server releases and seven major releases across SecureDrop Workstation and SecureDrop Client repositories.

Earlier this year we announced that SecureDrop Workstation is now in a public beta, and began welcoming organizations who are interested in discussing if the Workstation might be a good fit for them.

We also completed our sixth server security audit performed by 7ASecurity and funded by the Open Technology Fund. Some minor issues were found during the audit, and corrected in the 2.10.0 release. We also got some valuable insights into SecureDrop's threat model and architecture, which we can incorporate into future versions of the system.

This year we have been doing a significant amount of research, including SecureDrop Protocol (an end-to-end encrypted protocol with no source state) and WEBCAT (in-browser code verification). More details about those projects will be announced soon!

Support our work

Huge thanks to Lisa Rein for inviting us to be part of the Aaron Swartz Day podcast and allowing us to share our annual update!

If you like the work that we do, please consider a donation to the Freedom of the Press Foundation (FPF), which funds SecureDrop development.