Welcome to SecureDrop’s documentation!

SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources.

User Guides

• Source Guide
  • Choose who to submit to
  • Get the Tor Browser
  • Making your First Submission
  • Continuing the Conversation
• Journalist Guide
  • Creating a GPG Key
  • Connecting to the Journalist Interface
  • Interacting With Sources
  • Moving Documents to the Secure Viewing Station
  • Decrypting on the Secure Viewing Station
  • Working with Documents
  • Encrypting and Moving Documents to the Journalist Workstation
  • Decrypting and Preparing to Publish
• Admin Guide
  • Responsibilities
  • Adding Users
  • Updating the Servers
• Passphrase Best Practices
  • General Best Practices
  • For Sources
  • For Journalists/Admins

Install SecureDrop

• Overview
  • Technical Summary
  • Infrastructure
  • Operation
• Terminology
  • Source
  • Journalist
  • Application Server
  • Monitor Server
  • Source Interface
  • Journalist Interface
  • Journalist Workstation
  • Admin Workstation
  • Secure Viewing Station
  • Two-Factor Authenticator
  • Transfer Device
• Passphrases
  • Admin
  • Journalist
• Hardware
  • Hardware Overview
  • Required Hardware
  • Optional Hardware
  • Specific Hardware Recommendations
• Before you begin
• Create Tails USBs
  • Install Tails
  • Enable Persistent Storage
• Set up the Secure Viewing Station
• Set up the Transfer Device
  • Select DVDs or USBs
  • USB Transfer Device Configuration
• Generate the SecureDrop Submission Key
  • Ensure Filenames are Preserved
  • Correct the system time
  • Create the key
  • Export the public key
• Set up the Admin Workstation
  • Start Tails with Persistence Enabled
  • Download the SecureDrop repository
  • Create the Admin Passphrase Database
• Set up the Network Firewall
  • Before you begin
  • Initial Configuration
  • Disable DHCP on the LAN
  • SecureDrop Configuration
  • Tips for setting up pfSense Firewall Rules
  • Keeping pfSense up to date
• Set up the Servers
  • Install Ubuntu
  • Test Connectivity
  • Set up SSH keys
  • Minor Admin Tasks
• Install SecureDrop
  • Install Prerequisites
  • Localization of the source and journalist interfaces
  • Configure the Installation
  • Install SecureDrop Servers
• Configure the Admin Workstation Post-Install
  • Auto-connect to the Authenticated Tor Hidden Services
  • Set up two-factor authentication for the Admin
• Create an admin account on the Journalist Interface
• Test the Installation
  • Test connectivity
  • Sanity-check the install
  • Test the web interfaces
• Onboard Journalists
  • Determine access protocol for the Secure Viewing Station
  • Create a Journalist Tails USB
  • Set up automatic access to the Journalist Interface
  • Add an account on the Journalist Interface
  • Verify Journalist Setup

Deployment Best Practices

• Overview
• Landing Page
  • URL and location
  • HTTPS only (no mixed content)
  • Perfect Forward Secrecy
  • SSL certificate recommendations
  • Don’t use 3rd party analytics, tracking, or advertising
  • Apply applicable security headers
  • Additional Apache configuration
• Minimum requirements for the SecureDrop environment
• Whole Site Changes
  • Suggested
• Sample SecureDrop Privacy Policy
  • Collection of Information From Sources
  • Collection of Information About Journalists’ Use of SecureDrop
  • Data Security
  • Children Under 13
  • Changes to This Policy
  • Contact

Checklists

• Pre-Install Hardware Checklist

Topic Guides

• Promoting Your SecureDrop Instance
  • Make a High Profile Announcement
  • Provide a Clear Link on Your Homepage
  • Provide Links at the Bottom of Your Articles
  • Create an Instructional Video on How to Access and Use Your SecureDrop
  • Regularly Share Your SecureDrop Landing Page on Social Media
  • Target Potential Whistleblowers with Advertising
  • Put an Advertisement in Your Physical Paper
• What Makes SecureDrop Unique
  • No third parties that can secretly be subpoenaed
  • Limits the metadata trail as much as possible
  • Encrypted and air-gapped
  • Protecting against hackers
  • Free and open source software
• Google Authenticator
  • iOS
  • Android
• Useful Logs
  • Both servers
  • Application Server
  • Monitor Server
• OSSEC Guide
  • Setting up OSSEC alerts
  • Troubleshooting
  • Analyzing the Alerts
• Tails Guide
  • Installing Tails on USB sticks
  • Configure Tails for use with SecureDrop
• Setting up a Printer in Tails
  • Installing and Printing via the Tails GUI
  • Troubleshooting
  • Printing from the Command Line
• HTTPS on the Source Interface
  • Obtaining an HTTPS certificate for Onion URLs
  • Activating HTTPS in SecureDrop
• SecureDrop On-Site Training Schedule
  • Day 1: Preparation and Install
  • Day 2: Journalist and Admin Training
• Using a YubiKey with the Journalist Interface
  • What is a YubiKey?
  • Download and Launch the YubiKey Personalization Tool
  • Setting Up Hardware-Based Codes
  • Adding Users
  • Using Your YubiKey
• Backup and Restore SecureDrop
  • Minimizing disk space
  • Backing Up
  • Restoring
• Backup the Workstations
  • What you need
  • Preparing the Backup Device

Upgrade SecureDrop

• Upgrade from 0.4.x to 0.5.x
  • Pull the latest release
  • Choose the list of supported languages
• Upgrade from 0.3.x to 0.4.x
  • Pull the latest release
  • Upgrade the Tails Persistence Configuration
  • Verify the Upgrades
• Upgrade Tails from 1.x to 2.x
  • Upgrade each Tails device
  • Finishing up
  • Troubleshooting
• Upgrade Tails from 2.x to 3.x
  • Why you should upgrade
  • What you need
  • 1. Prepare the master Tails USB
  • 2. Backup the Tails drives
  • 3. Upgrade the Tails drives
  • 4. Upgrade KeePassX Database
  • 5. Upgrade Secure Viewing Stations
  • 6. Upgrade SecureDrop to 0.4.x
  • If you encounter issues

Developer Documentation

• Getting Started
  • Prerequisites
  • Fork & Clone the repository
  • Install python requirments
• Virtual Environments: Servers
  • Development
  • Staging
  • Production
• Virtual Environments: Admin Workstation
  • macOS
  • Linux
• Contributing Guidelines
  • Branching Strategy
  • Automated Testing
  • Code Style
  • Git History
  • Privileges
  • Other Tips
• Tips & Tricks
  • Using Tor Browser with the development environment
  • Upgrading or Adding Python Dependencies
  • Connecting to VMs via SSH over Tor
  • Architecture Diagrams
• Internationalization (i18n)
  • The manage.py translate helper
  • Creating new translations
  • Updating strings to be translated
  • Compiling translations
  • Verifying translations
  • Merging translations back to develop
  • Merging develop into the weblate fork
  • Updating the full text index
• Getting Started with Weblate Translations
  • Who uses SecureDrop?
  • Register for Weblate
  • Choose a language
  • Translate a phrase
  • Instructions about a user navigation
  • Placeholders
  • Glossary
  • Weblate glossary
  • Getting help
  • Frequently Asked Questions
• Documentation Guidelines
  • Testing documentation changes
  • Updating screenshots
  • Integration with Read the Docs
  • Style Guide
• Testing SecureDrop
• Testing: Application Tests
  • Installation
  • Running the application tests
  • Updating the application tests
• Testing: Configuration Tests
  • Installation
  • Running the config tests
  • Updating the config tests
  • Config test layout
  • Config testing strategy
• Testing: CI
  • Travis tests
  • CI test layout
  • Running the CI staging environment
• SecureDrop apt repository
• Updating OSSEC Rules
  • Alerting Strategy
  • Using ossec-logtest
  • Writing Automated Tests for OSSEC Rules
  • Deployment
• Generating AppArmor profiles for Tor and Apache

Threat Model

• Threat Model
  • Assumptions
  • Attack Scenarios
• Data Flow Diagram