We’re happy to announce that sources can now access our SecureDrop document-submission website using HTTPS. Although SecureDrop connections were already encrypted previously, our new setup provides leakers with additional assurance that they are connecting with the authentic Intercept SecureDrop and not an impostor.
You can visit our SecureDrop server by pointing the Tor Browser here: https://y6xjgkgwj47us5ca.onion/
SecureDrop runs as a “hidden service” within the anonymous web network Tor. A hidden service is a special kind of server that is only accessible through Tor and has a domain name ending in .onion (Tor was originally called The Onion Router because it works by creating layers upon layers of encryption to hide users’ IP addresses).
The Intercept’s SecureDrop installation is only the third Tor hidden service to receive a browser-trusted HTTPS certificate, following Facebook and the Bitcoin website Blockchain.info. HTTPS provides two things: Confidentiality — data shared between web browsers and HTTPS websites is encrypted — and authentication — web browsers can verify that they’re visiting the website the user thinks they’re visiting. Authentication helps prevent man-in-the-middle attacks, which occur when an attacker entices someone to open an encrypted connection to the attacker’s server by impersonating the real server.
Even without HTTPS, the connection between Tor Browser and our SecureDrop hidden service was already encrypted. Adding HTTPS provides a second redundant layer of encryption, and it also adds authentication. So if a source finds herself visiting a SecureDrop website that looks like it belongs to The Intercept, she can inspect our SSL certificate to confirm that it actually belongs to us and isn’t a honeypot posing as our SecureDrop website — or at least confirm that this is the case according to DigiCert, the certificate authority that issued our SSL certificate.
The future of combining HTTPS and the .onion top-level domain is uncertain because .onion is not an officially recognized top-level domain. But the gears are in motion to get .onion recognized as a “Special-Use Domain Name.” We won’t know for sure if we get to keep our SSL certificate until the Internet Engineering Steering Group agrees on whether or not to make .onion a standard, a decision slated to be made in October.
Until then, our sources can enjoy this extra layer of protection when they communicate with us through SecureDrop.
IT’S EVEN WORSE THAN WE THOUGHT.
What we’re seeing right now from Donald Trump is a full-on authoritarian takeover of the U.S. government.
This is not hyperbole.
Court orders are being ignored. MAGA loyalists have been put in charge of the military and federal law enforcement agencies. The Department of Government Efficiency has stripped Congress of its power of the purse. News outlets that challenge Trump have been banished or put under investigation.
Yet far too many are still covering Trump’s assault on democracy like politics as usual, with flattering headlines describing Trump as “unconventional,” “testing the boundaries,” and “aggressively flexing power.”
The Intercept has long covered authoritarian governments, billionaire oligarchs, and backsliding democracies around the world. We understand the challenge we face in Trump and the vital importance of press freedom in defending democracy.
We’re independent of corporate interests. Will you help us?
IT’S BEEN A DEVASTATING year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
I’M BEN MUESSIG, The Intercept’s editor-in-chief. It’s been a devastating year for journalism — the worst in modern U.S. history.
We have a president with utter contempt for truth aggressively using the government’s full powers to dismantle the free press. Corporate news outlets have cowered, becoming accessories in Trump’s project to create a post-truth America. Right-wing billionaires have pounced, buying up media organizations and rebuilding the information environment to their liking.
In this most perilous moment for democracy, The Intercept is fighting back. But to do so effectively, we need to grow.
That’s where you come in. Will you help us expand our reporting capacity in time to hit the ground running in 2026?
We’re independent of corporate interests. Will you help us?
Contact the author:
Latest Stories
Palantir Is Helping Trump’s IRS Conduct “Massive-Scale” Data Mining
Military contractor Palantir has been paid more than $130 million by the IRS to analyze sensitive federal databases.
The Intercept Briefing
“Me Too” Comes Back To Congress
Intercept staffers discuss the themes emerging this midterm election season.
Voices
Kash Patel Is Using MAGA’s Favorite Tool to Muzzle the Free Press
By suing The Atlantic for defamation, the FBI director is leveraging one of Trump’s legal tactics to tamp down free speech.