We have a new job opening that works closely with the SecureDrop team.

We're looking for a Newsroom Services Coordinator - a person who will be the first point of contact for our services to news orgs, including SecureDrop support.

This is not primarily a technical role -- we're especially looking for folks w/ partnerships, project management & administrative experience.

If you're looking for full-time, mission-oriented nonprofit work, check it out:

freedom.press/jobs/job-opening

SecureDrop 2.0.1 has been released. This is a maintenance release that updates dependencies and signs the release tag with our updated signing key. Servers running Ubuntu 20.04 will be automatically upgraded within 24 hours.

securedrop.org/news/securedrop

You can support our work by donating to Freedom of the Press Foundation:

freedom.press/donate/

We're also hiring! We’re currently looking for a Senior Security Engineer and are expecting to post additional positions later this year:

freedom.press/jobs/job-opening

Show thread

Today, there are more than 70 news organizations, non-profits, and other groups who are using SecureDrop to keep sources safe. Many of them can be found in our directory:

securedrop.org/directory/

Thank you to Aaron and all the contributors who have worked on the project over the years: on code, documentation, design, translation, research, testing, and so much more. SecureDrop is an open source project, and we welcome your contributions:

docs.securedrop.org/en/stable/

Show thread

Last year, we began piloting the next generation of SecureDrop, enabling journalists to use Qubes OS to communicate with sources more quickly and intuitively:

securedrop.org/news/piloting-s

Show thread

SecureDrop 1.0.0 was released in September 2019, adding support for v3 Tor onion services. It marked a major milestone for the growing maturity of the project:

securedrop.org/news/securedrop

Show thread

The Guardian’s Head of Investigations recently said: “SecureDrop is absolutely indispensable. I do feel quite strongly about this...SecureDrop has become such an integral part of the way we work now, on a daily, sometimes hourly basis.”

youtube.com/watch?v=1mI3uQnXPd

Show thread

In October 2013, Freedom of the Press Foundation took on stewardship of the project:

freedom.press/news/freedom-of-

In 2014, the Washington Post and the Guardian both launched SecureDrop instances on the first anniversary of the Ed Snowden revelations, leading many more news outlets to follow suit.

Show thread

In 2011-2012, Aaron along with Kevin Poulsen and the late James Dolan, created the initial version of SecureDrop, which was then called DeadDrop.

In 2013, the very first instance was launched at @NewYorker, codenamed StrongBox:

newyorker.com/news/amy-davidso

Show thread

Ten years ago on this day, the late Internet pioneer Aaron Swartz made the first commit to SecureDrop, the open-source whistleblower submission system.

A few highlights from this time showing how Aaron’s project has evolved since then: 👇

Reminder: We encourage you to use the graphical updater to update your Journalist and Admin Workstations to SecureDrop 2.0.0 today or tomorrow, to avoid a manual update.

Please see our documentation:

docs.securedrop.org/en/stable/

Show thread

After nearly 5 years in use, we are rotating the SecureDrop release key. Read more about this transition, and how to verify the new key:

securedrop.org/news/why-we-are

A reminder: if you have not migrated to Ubuntu 20.04, your SecureDrop has been disabled for security reasons. Please contact us for reinstallation support.

Show thread

SecureDrop 2.0.0 has been released. This release removes all Ubuntu 16.04 and v2 onion services support from the codebase, and includes many other improvements.

All instances running Ubuntu 20.04 will receive this update automatically.

securedrop.org/news/securedrop

To avoid a manual upgrade, we encourage you to update your Tails workstations before June 29. An additional step will be required to update Tails itself; please see our documentation:

docs.securedrop.org/en/stable/

Update: To allow for additional testing, we have rescheduled the release of SecureDrop 2.0.0 to tomorrow, June 23.

Show thread

The release of the next version of SecureDrop is scheduled for June 22, 2021. This release removes all Ubuntu 16.04 and v2 onion services support from the codebase, and includes many other improvements:

securedrop.org/news/securedrop

If you have not migrated to Ubuntu 20.04, you will not receive this update: your SecureDrop has been disabled for security reasons. Please contact us for reinstallation support.

The SecureDrop team is still hiring. We're looking for a full-time Senior Security Engineer. Work from anywhere:

freedom.press/jobs/job-opening

We're looking for a Senior Security Engineer to join the SecureDrop team at Freedom of the Press Foundation!

The team is fully distributed, and this position is open to applicants from around the world.

Read more about the position here:

freedom.press/jobs/job-opening

Boosts very much appreciated! ❤️

We encourage researchers to report security vulnerabilities through our bug bounty programme or through encrypted email. More information is available at:

github.com/freedomofpress/secu

Show thread

We have issued a security advisory for a low-severity vulnerability in the journalist web application (fixed in SecureDrop 1.8.2).

We would like to thank the Tenable team for their responsible disclosure. You can find more information at:

securedrop.org/news/security-a

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.