cheetah image

How to Use The SecureDrop Server

Everything you do on the Internet leaves trails. Before following these instructions, go to a public wifi network, such as at a coffee shop that you don’t normally frequent, and follow them from there. Or connect to a VPN.

  • Download and install the Tor Browser Bundle from https://www.torproject.org/.
  • Open the Tor Browser and copy and paste this into the address bar: http://obzpqr3t3w7kubdz.onion/.
  • Follow the instructions to send us information. You will be given a codename that you can use to log back in and check for responses in the future.
Don’t access the SecureDrop server from your home or office. If you wish to ensure maximum privacy, use the Tails operating system instead of the Tor Browser.

SecureDrop is an open source whistleblower submission systems, originally programmed by the late Aaron Swartz, that is maintained by the Freedom of the Press Foundation.

For more information (with photos) : https://docs.securedrop.org/en/latest/source.html.

Privacy Information

When you interact with our SecureDrop servers, the system does not log any information about your IP address, web browser, or operating system, nor do we deliver persistent cookies to your browser. When you use Tor to connect to our SecureDrop server, your connection is encrypted. Using the Tor network helps mask your activity from anyone that is monitoring your Internet connection, and it helps mask your identity from anyone monitoring our Internet connection.

When you send messages or upload files to this server, these messages and files are stored encrypted. We then use encryption keys on air-gapped computers that never connect to the Internet. Even if our SecureDrop server were to get “hacked” or the physical hardware were to be confiscated, the messages and files you have submitted previously should still be shielded from any attacker.

However, no system is 100% secure, so we cannot absolutely guarantee your security. SecureDrop is regularly audited by independent security experts, but like all software, it could have security bugs that could be exploited by attackers.

If the computer you are using to submit documents is already compromised, any activities, including communications through SecureDrop, could be compromised as well.

Ultimately, you use the service at your own risk.


This page funded in part by

USAID Logo

NWC was announced a Grand Prize Winner in the 2016 Wildlife Crime Tech Challenge , an initiative of USAID in partnership with the National Geographic Society, the Smithsonian Institution, and TRAFFIC.