Skip to content

deadflowers/securedrop

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3,053 Commits

build

build

 
 

docs

docs

 
 

install_files

install_files

 
 

migration_scripts

migration_scripts

 
 

securedrop

securedrop

 
 

snap_ci

snap_ci

 
 

spec_tests

spec_tests

 
 

tails_files

tails_files

 
 

.gitignore

.gitignore

 
 

.ruby-gemset

.ruby-gemset

 
 

.ruby-version

.ruby-version

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Vagrantfile

Vagrantfile

 
 

ansible.cfg

ansible.cfg

 
 

changelog.md

changelog.md

 
 

pip_update.sh

pip_update.sh

 
 

setup.cfg

setup.cfg

 
 

update_version.sh

update_version.sh

 
 

Repository files navigation

SecureDrop

Build Status

SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.

Found an issue?

If you're here because you want to report an issue in SecureDrop, please observe the following protocol to report an issue responsibly:

Technical Summary

SecureDrop is a tool for sources to communicate securely with journalists. The SecureDrop application environment consists of three dedicated computers:

  • Secure Viewing Station: An air-gapped laptop running the Tails operating system from a USB stick that journalists use to decrypt and view submitted documents.
  • Application Server: Ubuntu server running two segmented Tor hidden services. The source connects to the Source Interface, a public-facing Tor hidden service, to send messages and documents to the journalist. The journalist connects to the Document Interface, an authenticated Tor hidden service, to download encrypted documents and respond to sources.
  • Monitor server: Ubuntu server that monitors the Application Server with OSSEC and sends email alerts.

In addition to these dedicated computers, the journalist will also use his or her normal workstation computer:

  • Journalist Workstation: The every-day laptop that the journalist uses for his or her work. The journalist will use this computer to connect to the Application Server to download encrypted documents that he or she will transfer to the Secure Viewing Station. The Journalist Workstation is also used to respond to sources via the Document Interface.

Depending on the news organizations's threat model, it is recommended that journalists always use the Tails operating system on their Journalist Workstation when connecting to the Application Server. Alternatively, this can also be its own dedicated computer.

These computers should all physically be in your organization's office.

How to Install SecureDrop

See the Installation Guide.

How to Use SecureDrop

How to Contribute to SecureDrop

See the Development Guide.

License

SecureDrop is open source and released under the GNU Affero General Public License v3.

The wordlist we use to generate source passphrases comes from Diceware, and is licensed under Creative Commons Attribution 3.0 Unported thanks to A G Reinhold.

About

GitHub repository for the SecureDrop whistleblower platform. Do not submit tips here!

freedom.press/securedrop

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

8 tags

Packages

No packages published

Languages

  • Python 48.9%
  • Ruby 26.2%
  • HTML 9.5%
  • Shell 8.1%
  • CSS 5.8%
  • JavaScript 1.3%
  • Other 0.2%