Tails upgrade advisory: If you are running Tails version 4.14 or earlier on your Admin and Journalist Workstations, you need to upgrade Tails manually, or restore automatic upgrades.
Emergency release to fix a security vulnerability in sudo.
Tails 4.15.1: https://tails.boum.org/news/version_4.15.1/
It fixes a serious security vulnerability, that we learned about just after releasing Tails 4.15. Sorry for the inconvenience!
You should upgrade as soon as possible.
SecureDrop 1.7.1 has been released. This is a bugfix release that will restore availability of SecureDrop instances impacted by a bug introduced in SecureDrop 1.7.0:
An issue with the SecureDrop 1.7.0 update has affected availability for some instances. The root cause has been identified and a fix is in progress. We apologize for any inconvenience. See our advisory for more information:
After the 1.7.x release series, we are phasing out support for v2 onion services.
Please upgrade your SecureDrop to v3 onion services at the earliest opportunity, and start preparing for the upgrade to Ubuntu 20.04.
See our advisory:
SecureDrop 1.7.0 has been released! This release allows you to configure your organization's name. It also includes support for Simplified Chinese and several bugfixes:
Tails 4.15 is out
This release fixes known security vulnerabilities.
- suppport for #ledger hardware wallets
- USB tethering for sharing mobile data on iOS 14 or later
After the 1.7.x release series, we are phasing out support for v2 onion services. If you haven't already done so, make sure to upgrade your SecureDrop to v3 onion services at the earliest opportunity:
SecureDrop 1.7.0 will be released on January 26, 2021. This release will allow you to configure your organization’s name. It will also include support for Simplified Chinese and several bugfixes:
SecureDrop is a free open source encrypted platform for whistleblowers and activists to contact journalists and NGOs anonymously through the @torproject network. You can follow its official Fediverse account at:
SecureDrop is used by news organisations and NGOs around the world to receive anonymous tips.
The website is at https://securedrop.org
You may have had difficulty reaching some SecureDrop instances over the weekend. The Tor Project is working to resolve an underlying issue:
The @tails project (which SecureDrop heavily relies on!) shares its plans for 2021:
Onion names ("<orgname>.securedrop.tor.onion") are a convenient way to access a SecureDrop instance using Tor browser (@torproject):
If an organization has an onion name, you can now find it in their SecureDrop directory entry, e.g.:
The HTTPS certificate for the package repository apt.freedom.press expired over the weekend. This has been resolved, and no action by SecureDrop administrators is required:
SecureDrop is free and open source, and it is used by more than 70 media organizations to safely communicate with anonymous sources.
Your donations enable us to make it better, and to help organizations of all sizes to set up and use it. Donate here:
Congratulations to the New York Times for making the switch to v3 onion services! You can find their SecureDrop's updated onion address in our directory:
If you're a journalist using SecureDrop, we would appreciate 30-45 minutes of your time for a remote usability research session. This will help us to make SecureDrop better. You can sign up here:
Official fediverse account for the SecureDrop project
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.