SecureDrop, the Open-Source Submission Platform for Journalists and Whistleblowers

Freedom of the Press Foundation’s executive director on SecureDrop’s evolution and future prospects

SecureDrop commits from the Aaron Swartz hackathon

Freedom of the Press Foundation recently announced we had taken over the management of DeadDrop, the open-source whistleblower submission system originally coded by the late Aaron Swartz. Since we officially started managing the project in September, we’ve given the project a new name (SecureDrop), made several upgrades to it, and pledged to help journalism organizations install and use it.

Our reason was simple: the NSA scandal and the unprecedented crackdown on whistleblowers has shown journalists and sources have never been more at risk of surveillance, and it’s imperative they find safer ways to communicate.

Our first task was to make it easy on journalism organizations to install SecureDrop. To that end, we’ve hired James Dolan, who originally helped Aaron create SecureDrop’s security architecture and installed the system at the New Yorker. James will be managing the SecureDrop project full-time now, and will help news organizations with installation, journalist training, and updating the software.

We even have a draft privacy policy news organization’s legal teams can use as a model if they so wish. However, we still have a lot of work to do and could use your help. Here’s a rundown of the project so far.

Security Audit

The first set of upgrades we made to SecureDrop before we re-launched the project were based off a security audit done by a team of University of Washington researchers led by Alexei Czeskis, and also included Tadayoshi Kohno, Jacob Appelbaum, and security expert Bruce Schneier. You can read the full audit here.

Importantly, the security audit found no critical flaws in the code of SecureDrop itself. The audit did, however, find several problems with the documentation (so it was close to impossible to install at an optimum security level without the creators’ help), and usability issues on both the source and journalist side (which were correctly interpreted as security flaws since a user mistake can unduly expose information).

So in the six weeks before we re-launched the project, we completely re-did the installation instructions and documentation, improved its security by switching the document server to a Tor hidden service, and improved the way the source’s passphrase is created. You can read all the updates we made here.

Aaron Swartz Hackathon

Since we launched, we’ve had developers start following our issue page on GitHub, as we continue to try to make SecureDrop easier to use. Two weekends ago, at the Aaron Swartz memorial hackathon in San Francisco and in cities around the world last weekend, many of these developers gave up their weekends to make SecureDrop even better. It was a huge success, as this commit graph demonstrates.

We’ve now completely re-done the install process, and we’ve combined the source and document server into one—both steps should make set up for journalism organizations a lot easier. We’ve also made it easier for journalists to delete files, bulk download, and organize all the files they receive from sources.

What To Do Next

There’s still much left to do on the project however. Right now, there are fifty-seven open tickets on our GitHub issue page that we could use help on. For example, we want to create an interface that allows a source to pick which journalist at a given organization he or she sends her documents to. We want to have an automatic document metadata scrubber at the start of the upload process. There’s also still a lot more documentation we need to write that will define the best practices for the hosting environment, administration support processes, security monitoring processes, and journalist use cases.

We’re exploring techniques to mitigate denial of service attacks, which is especially challenging in an environment where users are anonymized. And we are going to need regular code and environment audits to make sure SecureDrop stays as secure as possible.

We’ll be hosting another hackathon in San Francisco and Boston in the near future and if you would like to help please join our developers mailing list here to receive more details. You can also visit our GitHub page to start contributing right away.






Current page