Guides/Journalism

Secure file encryption for journalists (2026 guide)

Secure file encryption for journalists needs three things: it has to be offline, it has to leave no receipts, and it has to be readable enough to be trusted. Elba is a single HTML file that meets all three.

No receipts

Elba does not check a license, does not report usage, does not know your name. There is no account tying you to a file. There is no server that could be subpoenaed.

Field-ready

Because Elba is a single HTML file, it fits on a USB stick alongside your notes. Open it on a hotel laptop, a borrowed machine, or your own — it behaves the same.

Duress and denial

Elba does not have a duress password (a fake password that opens a decoy folder). If your threat model requires that, Elba is not enough on its own — combine it with disk-level tools like VeraCrypt hidden volumes.

Questions people actually ask

Can Elba be compelled to hand over my files?
There is no ‘Elba’ that could — no server, no account, no key escrow. The publisher cannot decrypt your folder.
Does it work on a Chromebook?
Yes. Chromebooks ship with Chromium and are one of the safest field devices for Elba.

Take the island

Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.

  1. €49MMXXVI· now ·
  2. €39MMXXVII2027
  3. €29MMXXVIII2028
  4. €19MMXXIX2029
  5. FreeMMXXX2030

the price falls each year · free to all 1 jan 2030

pay once · no account · nothing leaves

Related guides