SecureDrop Development Roadmap
Please note that this is a tentative roadmap. As releases approach, tickets will become more fine-grained. Items may be added, removed or modified. The versioning here may also change - e.g. if bugfixes need to be pushed out, there may be some deviation from this roadmap.
Most recent release
SecureDrop 0.11.0 was released on December 11, 2018. This release includes a fix for a low severity security regression concerning SSH logins, a kernel update, user interface improvements, a new version of Tor, a new version of Ansible, and more. See the release notes and complete changelog for details.
The key priority for the next release is full support for Ubuntu 16.04 (Xenial) as the server base operating system, as Ubuntu 14.04 will reach end-of-life in April 2019.
QA and feature freeze begins: Tuesday, February 5, 2019 (EOD PST)
Pre-release announcement and string freeze: Tuesday, February 12, 2019 (EOD PST)
Release: Tuesday, February 19, 2019 (EOD PST)
Next Generation SecureDrop: Prototyping
In order to evolve the SecureDrop architecture, as time permits, we are exploring some prototyping projects. As the prototypes mature, we will bring them into mainline SecureDrop. Prototyping projects include:
Workstation repository: https://github.com/freedomofpress/securedrop-workstation
Currently SecureDrop journalist users must use two devices, the Journalist Workstation and the Secure Viewing Station, and transfer documents between them manually via USB. This produces a very clunky and error-prone experience for journalists. The Secure Viewing Station is air-gapped and may not receive timely updates. Managing SecureDrop-specific configuration is difficult due to the amnesiac nature of Tails.
To address these concerns, this prototyping project is a dedicated Qubes-based SecureDrop workstation for journalists to use to decrypt, read, and work with SecureDrop documents. This workstation would consolidate the Journalist Workstation and Secure Viewing Station into one device, with Xen-based compartmentalization replacing the airgap.
As of April 2018, the SecureDrop Workstation prototype can connect to a SecureDrop server and download submissions. We are in the process of prioritizing, designing and developing additional functionality.
SecureDrop deployments currently require two physical servers: the application and monitoring servers, as well as a hardware firewall. While the application and monitoring servers receive automatic updates via apt, the hardware firewall does not. We will explore migrating SecureDrop to a container-based deployment. The long-term goal is to consolidate these three physical components into one physical machine and enable automatic updates across all these containers.
Alternatives to OSSEC for SecureDrop Logging
SecureDrop currently uses OSSEC for alerts. We should determine whether this is still the best tool for the task or whether alternatives, e.g. the Elasticsearch, Logstash, and Kibana (ELK) stack, might be better. The logging solution we choose should also work well in a context where a subset of alerts is sent to FPF for review.