What does it take to make web applications auditable?
Here's why reproducibility matters, and how WEBCAT—a framework for signing and verifying web applications—approaches the problem in practice.
https://securedrop.org/news/webcat-towards-auditable-web-application-runtimes/
Journalists are increasingly relying on insider sources, and protecting those sources is more important than ever.
Here's how SecureDrop is rising to the challenge, safeguarding whistleblowers’ anonymity against ever-evolving threats.
Can hackers truly redeem themselves? Kevin Poulsen (aka Dark Dante) went from cracking systems to being a successful insider tech journalist for Wired, SecurityFocus, and The Daily Beast.
#hackers #darkDante #secureDrop #KIISFM #journalists #tech
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
SecureDrop Workstation 1.5.1 has been released! This minor fix addresses a Tails config location change found in version 2.13.0 of the SecureDrop server.
https://securedrop.org/news/securedrop-workstation-1_5_1-released/
SecureDrop 2.13.0 is now available. This release primarily provides the securedrop-admin tool as a Debian package within Tails, and prepares for future availability of the securedrop-admin utility on Qubes OS.
SecureDrop Client 0.17.1 has been released! This release addresses a low-impact, high-complexity denial-of-service issue:
https://securedrop.org/news/securedrop-client-0_17_1-released/
Can hackers truly redeem themselves? Kevin Poulsen (aka Dark Dante) went from cracking systems to being a successful insider tech journalist for Wired, SecurityFocus, and The Daily Beast.
#hackers #darkDante #secureDrop #KIISFM #journalists #tech
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
#TIL that #securedrop (originally called DeadDrop) was coded and architected by Aaron Swartz!
SecureDrop is building the next generation of anonymity tools for whistleblowers. SecureDrop software engineer Cory Myers and ETH Zurich researcher Felix Linker gave a talk in Montreal earlier this month about our new, custom messaging protocol:
Can hackers truly redeem themselves? Kevin Poulsen (aka Dark Dante) went from cracking systems to being a successful insider tech journalist for Wired, SecurityFocus, and The Daily Beast.
#hackers #darkDante #secureDrop #KIISFM #journalists #tech
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
https://negativepid.blog/kevin-poulsen-the-story-of-dark-dante/
SecureDrop Workstation 1.5.0 has been released! This version simplifies the installation process by allowing you to install a bootstrap package from the Qubes-Contrib repo, and removes the remaining dependencies on Whonix.
https://securedrop.org/news/securedrop-workstation-1_5_0-released/
SecureDrop 2.12.10 has been released. This is a Journalist and Admin Workstation-only release, which adds support for the recent Tails 7 version.
SecureDrop Workstation 1.4.0 has been released! This version integrates Tor directly in the sd-proxy VM instead of using Whonix, and fixes an issue that prevented USB devices from automatically attaching.
https://securedrop.org/news/securedrop-workstation-1_4_0-released
SecureDrop users, we have heard your requests for an updated support experience! We are now providing support directly via Signal, and will be completing a migration away from Redmine on Nov. 3, 2025
https://securedrop.org/news/changing-how-we-deliver-support/
New-ish blog post: Adventures of a YAML engineer
https://blog.legoktm.com/2025/08/28/adventures-of-a-yaml-engineer.html
(I actually wrote this back in May and never published it...)
I mostly wanted to brag about a bit of YAML code I wrote back in March for #SecureDrop's completed migration to Ubuntu Noble that I neglected to mention in the blog post explaining the technical details. Yes, #YAML, is a programming language.
#SecureDrop è uno strumento di anonimato per giornalisti e informatori sviluppato da @noybeu
📬 Invia documenti in modo anonimo e comunica con i nostri avvocati. 💬
Per saperne di più, visita 👉 https://noyb.eu/it/securedrop
🔐 #SecureDrop is an anonymity tool for journalists and whistleblowers. 📬 Anonymously submit documents and communicate with our lawyers. 💬
To find out more, visit 👉 https://noyb.eu/en/securedrop
SecureDrop Workstation 1.3.0 has been released! This version allows users to import credentials during setup, and updates the Fedora base template to version 42, which re-enables SELinux.
https://securedrop.org/news/securedrop-workstation-1_3_0-released
SecureDrop 2.12.9 has been released. This version disables upgrades from Ubuntu Focal to Noble, and updates Tor Browser safety-level guidance in the Source Interface.
If your SecureDrop is still running Ubuntu Focal, please contact us for assistance in reinstalling with Ubuntu Noble.
@nickbearded but to more productive topics - i like how you can get a couple accounts going; of course this can be extended to stuff like groupware or black box zimbra. will get the vpn sorted today and certs going for the r proxy - it works fine have used it a bunch #flavors of tls and ssl #etherpad #securedrop #chroot access
