SecureDrop: Whistleblower Submission System Overview

Protect anonymous sources with SecureDrop. Understand how this open-source system uses Tor and air-gapping to facilitate safe whistleblower leaks.

SecureDrop is an open-source whistleblower submission system that enables media organizations to safely accept documents and communicate with anonymous sources. Originally known as DeadDrop, the platform was initially released on October 15, 2013 (Wikipedia). It allows journalists to receive sensitive information while protecting the identity and location of the source.

What is SecureDrop?

SecureDrop is a communication platform designed specifically for investigative journalism. It was co-created by Aaron Swartz, Kevin Poulsen, and James Dolan. Today, the project is managed by the Freedom of the Press Foundation (FPF) and is distributed under the GNU Affero General Public License version 3 (GitHub).

The system uses the Tor network to hide the connection between a whistleblower and a newsroom. Because the software is open-source, the public can inspect the code to verify its security. The project remains active and stable, with the stable version 2.13.0 released on December 4, 2025 (GitHub).

Why SecureDrop matters

  • No third-party access: The server is owned and physically located inside the news organization, preventing third parties from being secretly subpoenaed for data.
  • Metadata minimization: The system does not log IP addresses, browser types, or computer information.
  • Encrypted communication: Data is encrypted both while in transit and while stored on the server.
  • Verified security: To ensure safety, the software undergoes independent reviews, including a first audit by the University of Washington and Bruce Schneier (Wikipedia) and a second audit by German firm Cure53 (Wikipedia).

How SecureDrop works

The system requires specific actions from both the source and the journalist to maintain anonymity.

For sources

  1. Access Tor: The source must use the Tor Browser to reach the newsroom’s unique "onion" URL.
  2. Submit material: The source uploads documents or messages through the interface.
  3. Receive a codename: The platform generates a random, unique code name (e.g., a phrase from a wordlist).
  4. Follow up: The source uses this codename later to log back in and check for messages from the journalist.

For journalists

  1. Download data: A journalist connects to the SecureDrop server via Tor and downloads encrypted submissions onto a dedicated flash drive.
  2. Air-gapped decryption: The journalist moves the data to a second computer that is not connected to any network and is wiped after every use.
  3. Use a secret key: A second flash drive containing a private decryption key is used on the air-gapped machine to view the files.

Best practices

  • Audit software regularly: Organizations should ensure they are running the latest version to receive security and bug fixes.
  • Disable JavaScript: Sources are encouraged to disable JavaScript in the Tor Browser to prevent deanonymization.
  • Use public Wi-Fi: When submitting documents, sources should use a public network rather than a home or work connection.
  • Utilize Tails: For higher security, sources can boot their computer from a Tails USB stick, which includes a pre-configured Tor Browser.
  • Delete messages: Sources and journalists should delete messages once read to remove them from the server.

Common mistakes

  • Mistake: Using a work-owned device or network to submit tips. Fix: Use a personal device on a non-surveilled, public network.
  • Mistake: Including identifying information in the uploaded documents themselves. Fix: Manually redact names or personal details before uploading, as SecureDrop does not automatically scrub document contents.
  • Mistake: Losing the randomly generated codename. Fix: Write the codename down and store it in a secure location; journalists cannot recover this code if it is lost.
  • Mistake: Jumping directly from a news site to the SecureDrop onion link. Fix: Note the onion URL, close the browser, and open it later in a separate session to avoid a traceable trail.
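
Because SecureDrop does not scrub document contents, a source can check a file for embedded names before uploading it. The following is an added example, not part of SecureDrop or the original page: it lists the author, employer and tracked-change fields a .docx file carries. The function names and the sample document are constructed for illustration, and only the .docx format is covered.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

# OOXML property parts and the fields in them that often name a person or employer.
FIELDS = {"docProps/core.xml": ("creator", "lastModifiedBy"),
          "docProps/app.xml": ("Company", "Manager")}
# Tracked changes and comments record their author in a w:author attribute.
AUTHOR_ATTR = re.compile(r'w:author="([^"]+)"')
NS = "http://schemas.openxmlformats.org/"


def find_identifying_metadata(docx_bytes):
    """Return {location: value} for identifying fields found in a .docx file."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        names = set(zf.namelist())
        for part in sorted(FIELDS.keys() & names):
            for el in ET.fromstring(zf.read(part)).iter():
                local = el.tag.rsplit("}", 1)[-1]  # drop the XML namespace
                if local in FIELDS[part] and (el.text or "").strip():
                    findings[f"{part}:{local}"] = el.text.strip()
        for part in sorted(n for n in names if n.startswith("word/") and n.endswith(".xml")):
            authors = sorted(set(AUTHOR_ATTR.findall(zf.read(part).decode("utf-8", "replace"))))
            if authors:
                findings[f"{part}:w:author"] = ", ".join(authors)
    return findings


def build_sample_docx(author="Jane Example", company="Example Corp"):
    """Constructed sample input: a minimal .docx-shaped archive with made-up names."""
    parts = {
        "docProps/core.xml": f'<cp:coreProperties xmlns:cp="{NS}package/2006/metadata/core-properties"'
        f' xmlns:dc="http://purl.org/dc/elements/1.1/"><dc:creator>{author}</dc:creator>'
        f'<cp:lastModifiedBy>{author}</cp:lastModifiedBy></cp:coreProperties>',
        "docProps/app.xml": f'<Properties xmlns="{NS}officeDocument/2006/extended-properties">'
        f'<Company>{company}</Company></Properties>',
        "word/document.xml": f'<w:document xmlns:w="{NS}wordprocessingml/2006/main"><w:body><w:p>'
        f'<w:ins w:id="1" w:author="{author}"><w:r><w:t>draft</w:t></w:r></w:ins></w:p></w:body></w:document>',
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, xml in parts.items():
            zf.writestr(name, xml)
    return buf.getvalue()


if __name__ == "__main__":
    print(find_identifying_metadata(build_sample_docx()))
```

An empty result means none of these specific fields are populated; names in the visible text, images or other file formats still need a manual review.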

Examples

Many global media institutions use SecureDrop to manage high-risk leaks:

  • The New Yorker: The first newsroom to launch a version of the system, initially titled "Strongbox," on May 15, 2013.
  • The Washington Post: An American daily that integrated the platform to accept anonymous tips from sources.
  • The Guardian: A British newspaper that uses the system and provides a public directory for their onion services.
  • The Globe and Mail: A Canadian outlet that adopted the technology on March 4, 2015 (Wikipedia).

FAQ

Do I need special software to use SecureDrop?

Yes. You must use the Tor Browser to access the ".onion" websites where SecureDrop is hosted. Standard browsers like Chrome or Safari cannot open these links.

Is my identity completely hidden from the newsroom?

SecureDrop is designed to hide your IP address and location. However, if you include your name or contact details inside the documents you upload, the journalists will see that information.

Can I use SecureDrop on my phone?

It is generally recommended to use a computer, specifically a device you own. Using a corporate or employer-owned device increases the risk of surveillance via local keyloggers or monitoring software.

What happens if SecureDrop is unavailable?

Some organizations, like The Guardian, suggest using PGP-encrypted email as a secondary secure alternative if the SecureDrop service is down or Tor is blocked.

Who developed SecureDrop?

It was originally coded by Aaron Swartz. After his death, the Freedom of the Press Foundation took over development and renamed the project from DeadDrop to SecureDrop.