Limitations and known issues

Warning

SecureDrop Workstation is in a limited beta phase, and is not recommended for general use at this time. See our blog post for more information.

Reporting issues

For the duration of the pilot, bugs and other issues found in SecureDrop Workstation should be reported by pilot participants via the support portal. Issues that are not instance- specific will be added to the appropriate public issue tracker by the developers, for example:

Current known issues

  • Updates are slow due to the number of VMs involved, and due to some updates being fetched over Tor. We are investigating various strategies to improve performance and reliability of the updater.
  • Currently, only LUKS-encrypted Export Devices are supported. VeraCrypt support will be added in a future release.
  • Printer support is limited to specific models by Brother and HP, and printing different file types is not as reliable yet as under Tails. Support for additional non-networked printers will be added in a future release.
  • “Flag for reply” functionality is not implemented in the SecureDrop Client. This is used when a source’s reply key was not created on their first submission and needs to be created on their next visit. If you are logged into the SecureDrop Client, and the reply feature for a source is disabled for more than a minute, they must be flagged for reply in the Journalist Interface - see the SecureDrop “Flag for Reply” documentation for more information.
  • Currently, only app-based two-factor authentication (TOTP) is supported.
  • The SecureDrop Client can only be configured with a single Submission Key. If the Submission Key for your SecureDrop server was rotated in the past, and submissions encrypted with the old key are still on your server, you will not be able to open them with the SecureDrop Client.