+
+
- Hush Line requires no personally identifying information (PII) for tip line owners to use the service, including an email address.
We offer an Onion service for users with advanced privacy needs, which can be accessed @@ -215,10 +216,10 @@
Hush Line uses OpenPGP.js for client-side encryption, giving users who add their public PGP key end-to-end encryption for their messages. Users who disable @@ -235,10 +236,10 @@
If the individual submitting a message feels comfortable enough to include a contact method, they may choose to.
For anonymous, indirect two-way communication through Hush Line, someone submitting a @@ -254,10 +255,10 @@
Neither us scrubbing IPs nor you using Tor and Signal are silver bullets, and there are
many ways to deanonymize yourself. 
-
Signal is great, but it's not anonymous. For someone to send you a message, they must first:
-
@@ -342,10 +343,10 @@
-
-
-+ Python? +We use Python and the Flask framework because they're well-documented and supported. The developer ecosystem is rich with extensions for everything from user authentication to message encryption. Python is also one of the most used languages, making the project @@ -411,10 +412,10 @@
-+ can't I receive files? +Receiving files comes with significant risk, and the functionality is only sometimes necessary. It can lead to compromising your device, network, and any other device connected to it.
@@ -438,10 +439,10 @@
-+ do I verify a recipient is legitimate? +Hush Line offers human-verified accounts for journalists, organizations, and public figures so you can ensure you're communicating with the right recipient. Do you need to
- + Hush Line received an independent security audit? +Yes! In 2024, Hush Line's managed service, Personal Server, and self-hosted version received a security audit from Subgraph, sponsored by
- + can I submit a vulnerability report? +See something, say something! Submit a vulnerability report if you find a security issue, and we'll address it immediately!
SecureDrop is a robust whistleblowing platform whose architecture is necessitated by very specific use cases: A.) To safely manage files sent by anonymous people so that a device or network isn't accidentally compromised, and B.) To provide a censorship-resistant and @@ -391,19 +392,19 @@
While open-source, forking SecureDrop would require significant rework. Building a new solution allows us to optimize Hush Line as an easy-to-use hosted service.