The SecureDrop Journalist Workstation: Handling Anonymous Submissions With Qubes OS

The SecureDrop whistleblowing platform has become the de facto standard among news organizations for communicating with anonymous sources and accepting highly sensitive leaks, and is used by over 70 media organizations worldwide. The system was co-created by the late Aaron Swartz and first announced at HOPE six years ago. Each SecureDrop instance is physically hosted inside a news organization, and sources communicate with journalists by accessing a web application available using Tor Onion Services.

In this talk, Mickael will discuss security and user experience challenges faced by journalists in opening anonymous submissions, and present the various design considerations for the SecureDrop Workstation. Currently in limited pilot with a small number of newsrooms, the SecureDrop Workstation relies on Qubes OS and Xen virtualization to separate the various components of a journalist's workflow, which until now required the use of air gapped hardware. Not only does it make working with source materials safer by mitigating most malware, it is also significantly faster and easier for journalists to use, and provides opportunities to integrate with other secure communication tools.