SecureDrop Documentation Release 2.0.2 SecureDrop Team and Contributors Sep 20, 2021 User Guides 1 Source Guide 3 1.1 What is SecureDrop?...........................................3 1.2 Choosing the Right Location.......................................3 1.3 Get Tor Browser.............................................4 1.4 Choose Who to Submit To........................................4 1.5 Making Your First Submission......................................5 1.6 Continuing the Conversation....................................... 11 2 Journalist Guide 15 2.1 Connecting to the Tor network in Tails................................. 15 2.2 Updating Your Workstation....................................... 16 2.3 Connecting to the Journalist Interface .................................. 17 2.4 Daily Journalist Alerts About Submissions............................... 18 2.5 Interacting With Sources......................................... 19 2.6 Moving Documents to the Secure Viewing Station ........................... 21 2.7 Working with Documents........................................ 26 2.8 Moving Documents to Your Everyday Workstation........................... 31 2.9 Decrypting and Preparing to Publish................................... 34 2.10 Deleting submissions and source accounts................................ 35 3 Admin Guide 39 3.1 Responsibilities.............................................. 39 3.2 The Admin Interface........................................... 42 3.3 Server SSH Access............................................ 52 3.4 The securedrop-admin Utility................................... 54 3.5 Frequently Asked Questions....................................... 57 4 Passphrase Best Practices 59 4.1 General Best Practices.......................................... 59 4.2 For Sources................................................ 60 4.3 For Journalists/Admins.......................................... 60 5 Overview 61 5.1 Technical Summary........................................... 61 5.2 Infrastructure............................................... 62 5.3 Operation................................................. 63 i 6 Glossary 65 6.1 Admin Workstation............................................ 65 6.2 Application Server............................................ 65 6.3 Export Device.............................................. 65 6.4 Journalist................................................. 66 6.5 Journalist Alert Public Key........................................ 66 6.6 Journalist Interface............................................ 66 6.7 Journalist Workstation.......................................... 66 6.8 Landing Page............................................... 66 6.9 Monitor Server.............................................. 66 6.10 Onion Service.............................................. 67 6.11 OSSEC Alert Public Key......................................... 67 6.12 Secure Viewing Station......................................... 67 6.13 Source.................................................. 67 6.14 Source Interface............................................. 68 6.15 Submission Key............................................. 68 6.16 Transfer Device............................................. 68 6.17 Two-Factor Authentication........................................ 68 7 Passphrases 69 7.1 Admin.................................................. 69 7.2 Journalist................................................. 70 8 Hardware 71 8.1 Hardware Overview........................................... 71 8.2 Advice for users on a tight budget.................................... 72 8.3 Required Hardware............................................ 72 8.4 Optional Hardware............................................ 75 8.5 Specific Hardware Recommendations.................................. 77 9 Before You Begin 85 10 Create Tails USBs 87 10.1 Install Tails................................................ 87 10.2 Enable Persistent Storage........................................ 88 11 Set Up the Secure Viewing Station 89 11.1 Correct the System Time......................................... 89 12 Set Up the Transfer Device and the Export Device 91 12.1 Choose media types and encryption................................... 92 12.2 Decide how to manage encryption passphrases............................. 92 12.3 Create USB Transfer Device ....................................... 92 12.4 Create a USB Export Device ....................................... 97 13 Generate the Submission Key 99 13.1 Create the Key.............................................. 99 13.2 Export the Submission Public Key .................................... 102 14 Set up the Admin Workstation 107 14.1 Start Tails with Persistence Enabled................................... 107 14.2 Download the SecureDrop repository.................................. 108 14.3 Create the Admin Passphrase Database................................. 110 15 Set Up the Network Firewall 113 ii 15.1 Before You Begin............................................ 113 15.2 Initial Configuration........................................... 114 15.3 Disable DHCP on the LAN....................................... 124 15.4 SecureDrop Configuration........................................ 130 15.5 Tips for Setting Up pfSense Firewall Rules............................... 147 15.6 Keeping pfSense up to Date....................................... 147 15.7 Abstract Firewall Rules......................................... 151 16 Set Up the Servers 153 16.1 Pre-Install Steps............................................. 153 16.2 Install Ubuntu.............................................. 153 16.3 Test Connectivity............................................. 158 16.4 Set Up SSH Keys............................................. 158 17 Install SecureDrop 161 17.1 Install Prerequisites........................................... 161 17.2 Localization of the Source Interface and Journalist Interface ...................... 162 17.3 Configure the Installation........................................ 162 17.4 Install SecureDrop Servers........................................ 164 18 Configure the Admin Workstation Post-Install and Create Backups 167 18.1 Auto-connect to the Authenticated Onion Services........................... 167 18.2 Back Up the Workstations........................................ 168 19 Create an Admin Account on the Journalist Interface 169 20 Test the Installation 171 20.1 Test Connectivity............................................. 171 20.2 Sanity-Check the Installation...................................... 172 20.3 Test the Web Interfaces.......................................... 172 21 Onboard Journalists 173 21.1 Determine Access Protocol for the Secure Viewing Station ....................... 173 21.2 Create a Journalist Tails USB...................................... 174 21.3 Set Up Automatic Access to the Journalist Interface .......................... 174 21.4 Add an account on the Journalist Interface ............................... 175 21.5 Provision a personal Transfer Device and Export Device ........................ 175 21.6 Verify Journalist Setup.......................................... 175 22 Overview 177 23 Landing Page 179 23.1 URL and Location............................................ 179 23.2 HTTPS Only (No Mixed Content).................................... 179 23.3 Perfect Forward Secrecy......................................... 180 23.4 SSL Certificate Recommendations.................................... 180 23.5 Do Not Use Third-Party Analytics, Tracking, or Advertising...................... 180 23.6 Do Not Hyperlink .onion Addresses................................... 181 23.7 Avoid Direct Links to SecureDrop.org.................................. 181 23.8 Apply Security Headers......................................... 181 23.9 Additional Apache Configuration.................................... 182 23.10 Further Security Considerations..................................... 183 23.11 How to test your Landing Page using Tor Browser........................... 183 23.12 Landing Page Content Suggestions................................... 184 iii 24 Minimum requirements for the SecureDrop environment 187 25 Whole Site Changes 189 25.1 Suggested................................................. 189 26 Sample SecureDrop Privacy Policy 191 26.1 Collection of Information From Sources................................. 191 26.2 Collection of Information About Journalists’ Use of SecureDrop.................... 192 26.3 Data Security............................................... 192 26.4 Children Under 13............................................ 192 26.5 Changes to This Policy.......................................... 192 26.6 Contact.................................................. 192 27 Promoting Your SecureDrop Instance 193 27.1 Make a High Profile Announcement................................... 193 27.2 Provide a Clear Link on Your Homepage................................ 193 27.3 Provide Links at the Bottom of Your Articles.............................. 195 27.4 Create an Instructional Video on How to Access and Use Your SecureDrop.............. 195 27.5 Regularly Share Your SecureDrop Landing Page on Social Media................... 195 27.6 Target Potential Whistleblowers with Advertising............................ 196 27.7 Put an Advertisement in Your Physical Paper.............................. 196 28 What Makes SecureDrop Unique 199 28.1 No Third Parties