SecureDrop, the Open Source whistleblower submission system
Kushal Das (~kushal) |
SecureDrop is an open-source whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation.
In the modern age of Internet, keeping privacy in the online world has become a bigger battle ground. It became an even bigger challenge for the journalists, lawyers, and anyone else who is dealing with sensitive material. Whistleblowing and leaking have dominated news coverage in recent years. SecureDrop (a Python application) project provides a reasonably safe way for the journalists to receive tips/sensitive materials from anyone, and still safeguarding the sources and keeping the materials secured.
SecureDrop also won The Award for Projects of Social Benefit from Free Software Foundation in 2016.
This talk will be divided into three sections, why, how and what is in future.
- How is SecureDrop working in newsrooms?
- The top view of the technical stack (Flask application + rest of the stack)
- Tips for web developers thinking about privacy
- What are the biggest challenges and threats?
- What is in future? (SecureDrop workstation project: explaining the new PoC workstation using Python on QubesOS).
As a project SecureDrop has many different parts running in different systems. This talk will provide an overview of the technical backgroud of the project, and will try to help the curious minds to go a step ahead to contribute or use the similar ideas in the other applications.
Kushal Das is a regular speaker in various conferences. He is a CPython core developer and director at The Python Software Foundation. He is currently working on SecureDrop project full time as a staff member of the Freedom of the Press Foundation.