Tails 5.1, released on June 4, fixes a high severity security issue in Tor Browser. If you haven't done so already, please update your Tails workstation USB drives.

If you're still on Tails 4, this upgrade must be performed manually:

docs.securedrop.org/en/stable/

The SecureDrop Client, part of the new SecureDrop Workstation based on Qubes OS, is now officially ready for translation.

Thanks to Localization Lab and the volunteer translation community for all their help making SecureDrop accessible in many languages!

securedrop.org/news/the-secure

This is the first release to include support for European Portuguese, alongside Brazilian Portuguese.

Thank you to Localization Lab (localizationlab.org/) and all the volunteers who translate SecureDrop into 21 languages!

Show thread

SecureDrop 2.4.0 has been released. This release includes design changes to the Source Interface, minor improvements to OSSEC alerts, and other enhancements:

securedrop.org/news/securedrop

When using Tails, only use Tor Browser in "Safest" mode at least until the release of Tails 5.1 (scheduled for May 31), and restart the browser before and after accessing SecureDrop.

Show thread

⚠️ Security Alert: ⚠️

Tor Browser versions older than 11.0.13 include the two critical JavaScript security vulnerabilities described in the advisory below.

Make sure you apply available browser updates.

mozilla.org/en-US/security/adv

We have decided to defer the SecureDrop 2.4.0 release to Tuesday, May 24 to allow for additional time for QA and translations.

Show thread

Our parent org, Freedom of the Press Foundation, is now also home to Dangerzone, a tool developed by @micahflee that lets you convert potentially dangerous PDF files, images, and office documents into safe PDFs:

freedom.press/news/welcome-to-

As part of this transition to FPF stewardship, we're also looking for a part-time developer for Dangerzone (6 month contract, $40K fixed budget, schedule is yours to propose). If you're interested, please consider applying!

grnh.se/77e5b7b55us

SecureDrop 2.4.0 is scheduled to be released on May 19. This release will include design changes to the Source Interface, minor improvements to OSSEC alerts, and other enhancements:

securedrop.org/news/securedrop

SecureDrop 2.3.2 has been released. This release adds support for Tails 5.0 to your Journalist and Admin Workstations:

securedrop.org/news/securedrop

Congratulations to the @tails project for the release of Tails 5.0, the first version based on Debian Bullseye:

tails.boum.org/news/version_5.

If you use Tails for SecureDrop, please do not upgrade those USBs just yet. We will issue a SecureDrop update later this week to add support for Tails 5.0.

Do you speak Hindi, Romanian, Slovak, Italian, or Dutch? We're looking for additional volunteers to ensure we have continued translation coverage for these languages in SecureDrop.

See this Localization Lab overview to get started:

wiki.localizationlab.org/index

We don't have a Patreon, but we are an open source project led by a nonprofit. If you'd like to support SecureDrop development on an ongoing basis, you can become a member:

freedom.press/donate/

Members do get some pretty special perks.

For example, Daniel Ellsberg, the whistleblower who released the Pentagon Papers (a massive trove of documents about the Vietnam War) in 1971, is joining us for a virtual event with members soon. If you join as a member today, you'll still get an invite.

SecureDrop is available in 21 languages, thanks to volunteer translators. Do you speak a language other than English? We're always looking for additional volunteers. See this overview by our friends at Localization Lab to get started:

wiki.localizationlab.org/index

Nonprofit/open source job alert:

We're looking for a full-time Newsroom Support Engineer. This role works with news orgs using SecureDrop, helping with new SecureDrop installs and regular maintenance. During lower support activity, the person will contribute to code & docs.

This position is open to folks early in their career. It is a remote role, but candidates are ideally based in North America due to time zone overlap and requirement for occasional travel. More:

grnh.se/72ebf5575us

SecureDrop 2.3.1 has been released. This is a bugfix release that addresses a performance issue on servers with many sources:

securedrop.org/news/securedrop

SecureDrop 2.3.0 has been released. This release includes usability improvements, bugfixes, and new anti-spam functionality:

securedrop.org/news/securedrop

We have rescheduled this release to tomorrow (March 29) to allow for additional time for translations.

Show thread

SecureDrop 2.3.0 is scheduled to be released on March 28. This release will include usability improvements, bugfixes, and new anti-spam functionality:

securedrop.org/news/securedrop

SecureDrop 2.2.1 has been released. This release includes a kernel update with a fix for the recently discovered “Dirty Pipe” Linux kernel vulnerability:

securedrop.org/news/securedrop

Show older
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.