"The conclusion of our analysis is that many of the technical properties of DeadDrop are decent;
however, we do not believe that DeadDrop is yet ready for deployment in an ecosystem with
nation-state capable adversaries and non-expert users. The lack of software versioning,
reliance on VPN, the errors in the installation and deployment documentation, leaking of
document metadata, and lack of anonymity best practices all contribute to our reluctance for
suggesting that DeadDrop is ready for mass deployment.
Additionally, the usability of the system is sometimes lacking, potentially leading to insecure use.
For example, DeadDrop requires a fair amount of technical sophistication on behalf of
journalists (such as being able to use the GPG encryption software)6 and sources (such as
being able to sanitize the metadata in the submitted documents). We believe that this lack of
usability may lead to failures in anonymization. We enumerate the usability pitfalls we found, as
well as suggested remediation approaches in our report."
[Speaking as a contributor to the project] We tried to fix as many of the security issues in that audit as we could before the 0.1 release, but we think that the project could be redesigned to be more usable. Pull requests are welcome! You can see some of the more pressing issues at https://github.com/freedomofpress/securedrop/issues?mileston....
"The conclusion of our analysis is that many of the technical properties of DeadDrop are decent; however, we do not believe that DeadDrop is yet ready for deployment in an ecosystem with nation-state capable adversaries and non-expert users. The lack of software versioning, reliance on VPN, the errors in the installation and deployment documentation, leaking of document metadata, and lack of anonymity best practices all contribute to our reluctance for suggesting that DeadDrop is ready for mass deployment.
Additionally, the usability of the system is sometimes lacking, potentially leading to insecure use. For example, DeadDrop requires a fair amount of technical sophistication on behalf of journalists (such as being able to use the GPG encryption software)6 and sources (such as being able to sanitize the metadata in the submitted documents). We believe that this lack of usability may lead to failures in anonymization. We enumerate the usability pitfalls we found, as well as suggested remediation approaches in our report."