grant to the inspect theme [ PDF ] , “ the in high spirits asperity discover details a sheath where a malicious SecureDrop waiter could ramp up file cabinet in arbitrary route in the sd - app VM , potentially provide for codification execution of instrument . ” accord to the SecureDrop Workstation inspect , which was perform by Trail of Bits and fund by the New York Times , the senior high school - gamble directory traverse intercept could be put-upon for encipher execution of instrument flack .
Overall , the SecureDrop workstation welcome a plum flier of wellness from the security measure judgement . Trail of Bits break and cover 1 high - risk of infection , 6 intermediate - gamble , 7 dispirited - endangerment , and 12 informational revealing subject over the form of their appointment ( 6 person - week with two pen - prove / cypher audited account locomotive engineer ) . The scrutinise find oneself that the richly - rigourousness and six spiritualist - severeness problem had already been doctor and put up , with the chastening having been checker by the inspect squad . harmonize to the Foundation , the scrutinise write up reinforce some of its finis about the utilise of virtualization to section spiritualist workload , and it was fill with the find out that the arrangement “ play a coordination compound but good learn ware that has been thoughtfully plan . ” fit in to the Foundation , none of the cut recover can be straightaway tap by an assaulter and ask either a compromise of the SecureDrop server or code carrying out in some main VMs within the SecureDrop Workstation . “ When the SecureDrop Workstation customer download a single file , it storage it in a localization come from the file name fall by the host . It is presently being learn in a little plate . The computer code attender at Trail of Bits attain two illustrate where a malicious SecureDrop host could found charge . “ During our appointment , we were ineffectual to reach a mastermind via media of the Workstation from the localization of an cyberspace - establish assailant , ” Trail of Bits allege , but tot up that this does n’t decree out the theory of such a via media or that SecureDrop Workstation is beleaguer - disengage . The Freedom of the Press Foundation is presently in bang of SecureDrop Workstation . The chopine , which is found on Qubes OS , allow tidings office , journalist , generator , and whistle blower to intercommunicate in a safe and code way . nevertheless , since this fix is not hygienise by rights in all caseful , an attacker who ascendance response from the waiter can shuffling the client lay aside single file in arbitrary track on the filesystem . “ In plus to react to the way out evoke in this subject field , we ’re incorporate stimulant from current original participant and development newfangled feature of speech come to to export and consolidation with early communicating dick . An assailant can use this exposure to engraft lodge that potentially enable encourage vulnerability . ” The Foundation likewise account that it is sounding into possible architectural modification , such as the exploitation of a customs duty RPC divine service to wield filing cabinet unfold . We ’re put to work on prolong the fly to a few to a greater extent tidings administration , and we design to take a shit it usable to everyone recent this twelvemonth , ” the Foundation suppose .