When employees of an intelligence agency follows Snowden's footsteps, they boot tails in a coworking space and submit to the SecureDrop Tor Hidden Service. SecureDrop is the only whistleblower framework that addresses a threat model with a nation state adversary. The journalist then uses one machine to get the documents from the server. And moves them to an airgap machine to decrypt and read the documents. The server itself is made of two machines, one of them running the Tor Hidden Server and the other running OSSEC to monitor it. They sit behind a carefully configured firewall and are controlled from an admin workstation running Ansible.

The physical separation between machines is an essential part of the SecureDrop security. They are non trivial to setup and use for both the journalist and the system administrator of the news organization. We will present alternatives designed to improve the usability for both of them while preserving a reasonable level of security.