Here is a passphrase. On the device you would like to add (or on the Tunnel X website), enter it on the homescreen in
the "enter a passphrase" box:
When prompted for a PIN, enter your current account PIN. Note: the above passphrase expires in seven days.
After you sign in with it, you will create a permanent key on the new device.
Here is your backup key: a long passphrase. You should save it in a safe place (not on this device). You may want to email it to yourself. You will use this key if you
ever lose access to this device, or if you lose or forget an image key.
The key to your Tunnel X account is stored on this device. You may remove it.
If you do, you will no longer be able to access your account
from this device. Unless you have access to
it from another device (or a computer, via the Tunnel X website), you will
permanently lose access to your account.
To enable another device, tap "cancel," then "add another device."
Okay to proceed? This is permanent!
Your handle ("") is how people find you on Tunnel X.
If somebody knows your handle, they can invite you to a tunnel.
Want to change your handle? Do it here:
Change the name of the "" tunnel?
Need Help?
Need Help?
Hmmm... Looks like you've tried to sign in at least once and failed. There is a secret key stored
on your phone, and if you've forgotten your PIN, you'll never be able to log in from this device. If you like, you can remove this key. But unless you
have access to your account from another device (or a desktop web browser), you'll lose account access forever!
But you'll be able to enter a new passphase, or create a new account. Do you want to do that?
Creating a Tunnel X account is easy: we don't ask for any information about you, and there's
no email or phone verification.
There are just three steps to create an account and start your first tunnel, which depend on whether
you are new to Tunnel X and you are going to invite someone to a tunnel or
someone already invited you and sent you a passphrase.
So you want to create a new account and then invite someone to a tunnel! Here's what you'll do:
1. Select a six-digit PIN. You can use your bank PIN or any six-digit number that it would be hard for someone else to guess.
The app generates a long key for you and stores it in the app, on your device (so nobody else can access it).
2. Select a handle. Similar to a handle on Twitter or Skype, except you don't use it to sign in. It is uniquely yours.
After you create your account you may exchange handles (offline) with other Tunnel X users in order to connect quickly
and easily.
3. Invite your first confidant. Now Tunnel X creates your first tunnel. You will get a passphrase, which is two random
sentences. Your job is to deliver the passphrase to your confidant, so he or she can connect to the tunnel. How you do
that depends on how much security you need. If you are not very concerned, simply email the passphrase (you may click a
link to automatically generate the email message). To be more careful, you might split the passphrase in two and send each
by a different means. You can even read it over the phone! Once you have done this, you can leave a welcome message for
your confidant in the tunnel. We recommend waiting until you know your confidant has signed in with the passphrase before
you leave confidential information in the tunnel. Enjoy, and let know what you think!
Note that because your key is stored in the app, if you delete the app, you will not be able to access your account. You
have the option, in Settings, to export your account to another device with a passphrase. We recommend that you do this
and save the passphrase in a safe place. You won't need it on an ordinary basis, but in case something happens to your phone
or the app, you will have a backup.
Someone sent you a passphrase? Follow these steps to set up your account:
1. Type the passphrase in the blank space. Capitals, punctuation, and spaces don't matter. Just the letters.
2. Select a handle. Similar to a handle on Twitter or Skype, except you don't use it to sign in. It is uniquely yours. After
you create your account you may exchange handles (offline) with other Tunnel X users in order to connect quickly and easily.
3. Select a six-digit PIN. You can use your bank PIN or any six-digit number that it would be hard for someone else to guess. The
app generates a long key for you and stores it in the app, on your device (so nobody else can access it).
Frequently Asked Questions
signing up and signing in
Q: If I want to start tunnels with several people should I send the temporary passphrase to all of them? A: No. Each tunnel is only between two people. If you want to start tunnels with, say, three of your friends/colleagues, create three different tunnels, with different passphrases for each one, and send each of your friends his/her own temporary passphrase. You will end up with three tunnels, each between you and a single confidant.
Q: I can't remember my PIN. How can I get to my tunnel? A: You can't. Don't lose your PIN! We won't be able to reset it for you. Tunnel X is designed so that there is no possibility of anyone being able to reset your PIN.
security and privacy
Q: Is it possible for a hacker to break into the Tunnel X web server and read my conversation? A: All conversations (and uploaded files, and other data) are encrypted with multiple encryption algorithms, and your key is required both to log into Tunnel X and then to decrypt the messages. We use industry-standard encryption that has never been cracked. Messages are also encrypted between your browser and our server, using TLS in "perfect forward secrecy" mode. Now: if your goal is 100% confidence that your conversation is private, we suggest stripping off your clothes, swimming to the middle of a lake and whispering into your confidant's ear (preferably in an obscure, dead language), not that we recommend this. Neither Tunnel X nor any other secure communications channel can offer that level or privacy (and we suggest that you be wary of any that do).
Q: I went to get a cup of coffee while I was writing a note, and when I came back the Tunnel X screen was gone. What happened? A: After a period of time, Tunnel X will log you out and clear the window. This is for your own protection. You can set the length of time until this happens by clicking "Settings" in the lower right of the window.
Q: How do I know that Tunnel X isn't run by the Russian mob or the NSA or Rupert Murdoch or someone else who plans to record all my private conversations to hurt me? A: Tunnel X was founded by two people who have established reputations and no ties with foreign organizations, governments, or publishing concerns. Our advisory board consists of people with well-established reputations and who know the founders and vouch for their good faith.
Q: I've read that the NSA and other government agencies are reading all of our communications. Is Tunnel X secure from these agencies? A: We are as confident as we can reasonably be that no government has the capability to intercept and read the messages in Tunnel X.
Q: I sent a message that I regret having sent, or my confidant posted a message I would rather not be in our conversation. A: Either user may delete any single message by clicking the "X" at the right-hand side of the message. Either user may also delete the entire tunnel by going to "Settings" (bottom right of the window) and clicking "destroy this tunnel permanently."
interface and miscellaneous
Q: Is Tunnel X for chatting, like instant messaging, or for longer messages that my friend will read later, like email? A: It's for either. Messages are updated immediately. So if you and your confidant are both in the tunnel at the same time, you will see her messages as soon as she sends them. Messages are saved indefinitely, so if your confidant is offline, she will see your message as soon as she signs in.
Q: Can I have a three-way conversation? A: No. Tunnel X does not support three-way tunnels now.
Q: The message text is too small and hard to read. Can I make it bigger? A: Click "Settings" in the lower right of the window, and you can change the font size.
Q: Will I need to start paying for my tunnel at some point? A: Tunnel X is free now. Any tunnels created during this period will remain free indefinitely.
Q: On the web site, I can upload any kind of file. On the mobile app, I can only upload photos. And I can only view photos that my confidant has uploaded. Why the limitation? A: Mobile phones (particularly iPhones), don't give you free access to all the documents on them. So, for example, if you have a PowerPoint file in your email inbox, Tunnel X can't fish it out of there and upload it to your tunnel. Similarly, Tunnel X cannot display file formats in your tunnel besides image files (JPG, GIF, PNG, BMP). But if you "export" your tunnel to another device (from the Settings screen), this will generate a passphrase. Open up a web browser on a computer, head over to tunnelx.com, and enter the passphrase. On the web site, you may upload and download any type of file.
Privacy Policy
Who We Are
Tunnel X's fundamental goal is to protect the privacy of your communications. Thus we always choose to obtain as little information about you as possible. We choose to encrypt all of the data you store on our site such that even we cannot read it. For us, privacy is not just a policy, it is our ethos.
Your data
We collect as little data about you as possible. The following are the ways in which we may collect personal data:
1. Visiting our website. We do not log IP addresses. For the purpose of traffic analysis, we map IP addresses to locations (with "municipality" granularity but not more than that), and then store that information, so that we can understand traffic. However, we do not store that information such that it is mapped to specific users. Users who do not wish to reveal their location to Tunnel X are welcome to use an anonymizing service such as the Tor network.
2. Creating an account. When you create an account, we want to know as little about you as possible. We do not collect any personal data from you, including your IP address. We ask you to upload a random image from your computer (which is never visible to us; in fact, we only process a small fraction of this image), and to choose a PIN; you will use these whenever you sign into Tunnel X. The image will be used to derive an encryption key which will secure your data. We do not store either of these data points in a way that we can decrypt; rather, we store hashes (one-way-encrypted versions) of them. We also record the date and time on which you created your account, so we know when your "free" period is over (however, "beta" users' accounts remain free indefinitely).
3. Signing in to your account and our record of your activity. When you sign into your account, we record the actions you take necessary for us to authenticate you, or to store and transmit the messages you send, as well as the files you share with your confidant. We also store your account preferences (such as font size). We store all of this data in encrypted form, in such a way that it may only be decrypted by you or your confidant when you or your confidant are signed in. We also track the total file size of all messages and files in your Tunnel, because we place limits on the amount of data users may keep in their accounts. We do not track which messages you have read and which you haven't. We do not record when you delete messages; we simply remove the message from our storage drives. Sometimes we display "system messages" to our users (for example, warnings that Tunnel X will be offline briefly for maintenance at a specific time); we note whether or not we have displayed these messages to you so that we don't display them to you more than once.
4. Communicating with us. When you communicate with us, you may provide us with personal data about yourself. Your communication with us may be retained in our system. We encourage all users to communicate with us in as anonymous a way as is possible, because we want to store as little data about you as we can.
How we store your data
1. When you sign up for an account, you consent to your account and any other account data being stored on the Tunnel X servers.
2. We do not store your authentication tokens on the Tunnel X servers. Instead, a hashed value is stored for authentication. The original authentication tokens cannot be determined from that hashed value. As a result, we are unable to recover a forgotten image key or PIN.
3. We store all of your data either in encrypted form (with a key which itself is derived from your login key, meaning your data is unencryptable by anyone other than you or your confidant), or in hashed form (hashing is a process of one-way encryption: hashes are not decryptable, by anyone).
How we use your data
1. We do not analyze the data in your account for the purpose of displaying advertisements.
2. We do not and will never share your account data with any third-party except as specified in this policy. We will never sell your account data under any circumstances.
3. We do not solicit users' email addresses. We only see email addresses when someone contacts us via email; We do not and will never share your email address or other contact data with mailing lists. We provide anonymous modes of contacting us as well. We will never initiate contact with you unless the communication is account related, or unless you have consented to such communication.
4. We do not use third-party services, because doing so may expose your data to those third parties. We do not use Google Analytics or similar services for exactly that reason. Nor do we show you targeted advertising; doing so would require disclosing your online behavior to advertising networks. The exception is that we will implement third-party payment systems, such as Paypal and Bitcoin. Any information about you we receive from them will be discarded as soon as the payment is recorded.
How long do we retain your data?
The following outlines how our data retention policy affects the messages in your account and your account data:
1. Data in your account will stay in your account as long as your account is active. If you delete a message, or the entire contents of your Tunnel, it will be removed from your Tunnel at that time.
2. If you delete your Tunnel or request we delete your Tunnel for you, your Tunnel and the messages in the Tunnel will be removed from our servers at the time of deletion.
3. Records that are stored for statistical purposes may be kept indefinitely; note that none of this type of data is associated with your account (it is stored only in aggregate), nor does it identify you personally.
4. Your data may reside in our backups for a brief period subsequent to a message or Tunnel being deleted. This backed up data, of course, will be in encrypted form only, decryptable only with keys in possession of you and your Tunnel confidant.
5. If you let your paid subscription lapse then your account will be downgraded to free account status approximately one week after your subscription has expired and will then be subject to the data retention and time-limit rules for free accounts.
Disclosure of account data
Under normal circumstances, we do not and will never disclose account data to anyone other than the owner of an account. We will always attempt to authenticate any requests that require the disclosure of account data to ensure they come from the account owner. If we are unable to successfully authenticate a request, we do not disclose any account data.
We will only disclose account data in the following circumstances:
1. If we receive an order enforceable under U.S. laws compelling us to disclose account data for a specific user account. The account data we disclose may include data in an unencrypted format. Because such orders generally state that we are not permitted to disclose the existence of the order to a user, we will not disclose to any user the existence, or nonexistence, of any order we may have received.
2. Where the safety or well-being of an individual or individuals is in imminent danger, and we believe in good faith that the disclosure of account data is reasonably necessary to protect against such harm, we will disclose account data. This may include but is not limited to the welfare of a child, or an act of terrorism.
Data Storage
Our office is located in Brooklyn, New York, USA. Our servers where user data is stored are located in the AWS EC2 "US East (Northern Virginia)" region, operated by Amazon.com, Inc., a public Delaware, USA company. We store no user information at our Brooklyn, New York offices.
By visiting our website and using our services, you consent to the collection and use of information as outlined in this privacy policy.
Cookies
Tunnel X sets one "session cookie" on your browser, to ensure that your session persists and is secure. We do not use "persistent cookies" whatsoever (cookies which remain on your browser after you leave Tunnel X or close your browser), nor do we have any code on our site which causes "third-party cookies" to be set on your browser. Finally, we do not track your browser, computer, or device in any way (such as by tracking your device's "MAC address" or any other type of cookie-like tracking identifier).
Advertising
We do not advertise on our site.
Content analysis
We perform no analysis of your data.
Constant improvement
We occasionally update this Privacy Policy to reflect changes in our services and customer feedback. When we post changes to this Policy, we will revise the "last updated" date at the top of this statement. If there are material changes to this Privacy Policy or in how Tunnel X uses your personal information, we will notify you either by prominently posting a notice of such changes prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this Privacy Policy to keep informed about how Tunnel X is protecting your information.
Contact us
We value your opinions and appreciate your comments. If you have any questions or concerns, please contact us.
Terms of Service
Last updated: November 25, 2013
This is a legal agreement between you and Tunnel X, Inc. ("Tunnel X", "we", "us" or "our") governing the Tunnel X service including present and future features offered by Tunnel X and other services which may be offered from time to time by Tunnel X for use with your Tunnel X account (each feature individually and collectively referred to as the "Services")
1. By accessing or using the Services, you acknowledge that you have read, understand, and agree to be bound by the following Terms and Conditions of Use, as they may be modified from time to time (collectively, the "Terms"). If at any time you don't agree to these Terms, immediately discontinue your use of the Services.
2. NOTE TO USERS UNDER 13: Our Services are not for persons under the age of 13. If you are under 13 years old, then please do not use the Services. If you are over 13, but under the age of consent where you live, then you must get the consent of your parents prior to using the Services and, if you do use the Services, you represent to us that you have done so.
3. Privacy. Your privacy is important to us. Our Privacy Policy is hereby incorporated into these Terms by reference. Please read our Privacy Policy carefully for details relating to the collection, use and disclosure of your personal information.
4. Modification of the Terms. Because the Services changes from time to time, Tunnel X reserves the right, at its discretion, to change, modify, add, or remove portions of these Terms at any time without notice. Please check the Terms periodically for changes. Your continued use of the Services after the posting of changes will constitute your acceptance of such changes. While non-material changes to these Terms are effective immediately, any material changes to these Terms will automatically be effective thirty (30) days after they are initially posted on the Tunnel X website.
5. Accounts & Storage Information.
a. Tunnel X requires users to choose an image to use as an authentication "key" and a PIN for additional security. You are entirely responsible for maintaining the confidentiality of your key and PIN.
b. The amount of storage space for file transfer per member is limited; please visit our FAQ for more information. Some file transfers may not be processed due to space or bandwidth constraints. You agree that Tunnel X is not responsible or liable for the deletion or failure to store messages or other information. There is no explicit limit on storage space for messages, but in extreme cases, where message transmissions are used for a purpose other than personal, hand-typed communication, Tunnel X reserves the right to limit storage space for messages as well as transferred files.
6. General Prohibitions.
a. You agree to comply with all applicable local, state, national and international laws and regulations. You also agree not to use the Services for illegal purposes; not to interfere or disrupt networks connected to or by the Services; and to comply with all the rules, policies and procedures connected to these Services.
b. You will not use the Services to store or transmit data that is illegal to possess (such as child pornography) or illegally acquired (such as unlicensed intellectual property).
c. You will not use Tunnel X to plan, coordinate, or consider illegal activity.
d. You agree not to attempt to gain unauthorized access to the Services, or other users' accounts, computer systems, or networks connected to the Services, through hacking, password mining or any other means, or to interfere or attempt to interfere with the proper working of the Services or any activities conducted on the Services.
7. Non-Export of Services.
a. The Services employ encryption technology that is or may be specifically controlled for export by the United States government. As a result, you may not export or otherwise transfer the Services to or into Cuba, Iraq, North Korea, Sudan or Syria or a resident of those countries or to any person on the Specially Designated Nationals List ("SDN") maintained by the United States Treasury or the Table of Denial Orders or Entity List maintained by the United States Department of Commerce. The SDN can be found at www.treasury.gov/resource-center/sanctions/SDN-List. The Denied Persons List can be found at www.bis.doc.gov/dpl.
b. You also may not, and you agree not to, knowingly export or transfer the Services to anyone outside of the United States without first obtaining a proper license and satisfying all requirements of International Traffic in Arms Regulations and the Export Administration Act. It is your responsibility to comply with foreign laws and regulations on encryption import, export or use.
c. When you use the Services, you are certifying to Tunnel X that you are eligible to receive products exported from the United States, without any restrictions.
8. Account Termination.
a. Tunnel X may terminate your access to the Services and any related service(s) at any time, with or without cause, with or without notice, effective immediately, for any reason whatsoever. Tunnel X has no obligation to store or forward the contents of your account.
b. If there is any indication that you are using your account for illegal activity, your account will be terminated immediately and without notice.
c. Activities that are absolutely not tolerated include but are not limited to the purchase or sale of substances that are illegal in many jurisdictions, purchase or sale of stolen goods, making threats to person or property, possession or distribution of child pornography, and fraud.
9. Disclaimers; No Warranties.
a. You expressly agree that the use of the Services is at your sole risk. The Services and any media, content, software, services, or applications made available in conjunction with or through the Services are provided on an "as is" and "as available", "with all faults" basis and without warranties or representations of any kind, either express or implied. Tunnel X, its suppliers, licensors, affiliates, and partners do not warrant or make any representations regarding the use or the results of the use of the Services or any third party sites in terms of correctness, accuracy, reliability, or otherwise.
b. TO THE FULLEST EXTENT PERMISSIBLE PURSUANT TO APPLICABLE LAW, TUNNEL X AND ITS AFFILIATES, PARTNERS, AND SUPPLIERS DISCLAIM ALL WARRANTIES, STATUTORY, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT OF PROPRIETARY RIGHTS. No advice or information, whether oral or written, obtained by you from Tunnel X or the Services will create any warranty not expressly stated herein. You expressly acknowledge that, as used in the sections titled "Disclaimers; No Warranties" (this Section 9) and "Limitations of Liability, Damages and Claims" (Section 10), the term Tunnel X includes Tunnel X's partners, officers, directors, employees, shareholders, agents, service providers, suppliers, licensors, affiliates and subcontractors.
10. Limitations of Liability, Damages and Claims
a. UNDER NO CIRCUMSTANCES, AND UNDER NO LEGAL THEORY (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) SHALL TUNNEL X OR ITS AFFILIATES, CONTRACTORS, EMPLOYEES, AGENTS, THIRD PARTY PARTNERS, OR SUPPLIERS BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF PROFITS, DATA OR USE, OR COST OF COVER) ARISING OUT OF OR RELATING TO THESE TERMS OR THAT RESULT FROM YOUR USE OR INABILITY TO USE THE SERVICES, THE CONTENT THEREON, OR OTHER INTERACTIONS WITH TUNNEL X ANY THIRD PARTIES, EVEN IF TUNNEL X OR A TUNNEL X AUTHORIZED REPRESENTATIVE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. If you are a California resident, you waive California Civil Code Section 1542, which says: "A general release does not extend to claims which the creditor does not know or suspect to exist in his or her favor at the time of executing the release, which if known by him or her must have materially affected his settlement with the debtor." If you are not a California resident, you waive any applicable state statutes of a similar effect.
b. In no event shall Tunnel X or its affiliates, contractors, employees, agents, or third party partners, licensors or suppliers' total liability to you for all damages, losses, and causes of action arising out of or relating to these terms or your use of the Services (whether in contract, tort (including negligence), warranty, or otherwise) exceed the greater of the amount of (a) one hundred dollars or (b) the amount of fees you have paid Tunnel X in the twelve (12) months prior to the action giving rise to the liability.
c. Certain jurisdictions do not allow limitations on implied warranties or the exclusion or limitation of certain damages. If you reside in such a jurisdiction, some or all of the above disclaimers, exclusions, or limitations may not apply to you, and you may have additional rights. The limitations or exclusions of warranties, remedies or liability contained in these Terms apply to you to the fullest extent such limitations or exclusions are permitted under the laws of the applicable jurisdictions
11. Indemnification; Hold Harmless. You agree to indemnify and hold harmless Tunnel X and its subsidiaries, affiliates, and any related companies (including those which share substantially common ownership), its suppliers, licensors and partners, and the officers, directors, employees, agents and representatives of any of the foregoing, from any and all claims, losses, obligations, damages, liabilities, costs, debts and expenses (including attorneys' fees) arising out of: (i) your use or misuse of the Services; (ii) your violation of these Terms; (iii) your violation of the rights of any other person or entity; and (iv) your breach or alleged breach of any representations, warranties, and covenants herein. Tunnel X reserves the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us, and you agree to cooperate with our defense of these claims. You agree not to settle any matter in which Tunnel X is a named party without Tunnel X prior written consent. Tunnel X will use reasonable efforts to notify you of any such claim, action, or proceeding upon receiving notice of it.
12. Third Party Sites, Advertisers, and Promotions. The links included within this Web site may allow you leave the Tunnel X site and visit third party sites. These third party sites are not under the control of Tunnel X. Tunnel X is not responsible for the contents of any third party site nor is Tunnel X responsible for the functionality of any third party site. Tunnel X provides links as part of our Services to you strictly as a convenience. A link's inclusion in a Tunnel X site does not endorse the site or their operators. Any promotions sponsored by advertisers to the Services or dealings with the advertisers directly are solely between you and that third party. Tunnel X is not responsible in any part of any such connections or dealing with advertisers or their promotions.
13. Miscellaneous Provisions.
a. Governing Law. You agree that the Services shall be deemed solely based in New York. These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, without giving effect to any principles of conflicts of law.
b. Waiver. A provision of these Terms may be waived only by a written instrument executed by the party entitled to the benefit of such provision. The failure of Tunnel X to exercise or enforce any right or provision of these Terms will not constitute a waiver of such right or provision.
c. Severability. If any provision of these Terms shall be deemed unlawful, void, or for any reason unenforceable, then that provision shall be severed from these Terms and shall not affect the validity and enforceability of any remaining provisions.
d. Assignment. These Terms, and any rights and licenses granted hereunder, may not be transferred or assigned by you, but may be assigned by Tunnel X without restriction.
e. Survival. The Sections entitled, "Disclaimers; No Warranties", "Indemnification; Hold Harmless", "Limitations of Liability, Damages and Claims", and "Miscellaneous Provisions" will survive any termination of these Terms.
f. Headings. The heading references herein are for convenience only, do not constitute a part of these Terms, and shall not be deemed to limit or affect any of the provisions hereof.
g. Entire Agreement. This is the entire agreement between you and Tunnel X relating to the subject matter herein and supersedes all previous communications, representations, understandings, and agreements, either oral or written, between the parties with respect to said subject matter.
You are signed into your Tunnel X account. You have at least your first tunnel.
And you need some help.
Please click one of these links:
Start a new tunnel or respond if someone sends you a passphrase
Click the (+) in the footer from any screen, or click the (+) at the bottom of your list of tunnels. Then, if you have a
passphrase, enter it. If not, click "Create a new tunnel."
Delete a tunnel
Click the (-) at the bottom of your list of tunnels. Then click the bomb icon to delete a particular tunnel.
Exit a tunnel and return to your tunnel list
Click the icon with 3 horizontal lines in the lower right of the screen.
Change the name of a tunnel
Click the cog icon in the footer to bring up Settings. Then click the pop-up after "Change settings for tunnel" and select
the tunnel whose name you want to change.
Change your handle
Click the cog icon in the footer to bring up Settings. Then click "Change your handle."
Frequently Asked Questions
signing up and signing in
Q: If I want to start tunnels with several people should I send the temporary passphrase to all of them? A: No. Each tunnel is only between two people. If you want to start tunnels with, say, three of your friends/colleagues, create three different tunnels, with different passphrases for each one, and send each of your friends his/her own temporary passphrase. You will end up with three tunnels, each between you and a single confidant.
Q: I can't remember my PIN. How can I get to my tunnel? A: You can't. Don't lose your PIN! We won't be able to reset it for you. Tunnel X is designed so that there is no possibility of anyone being able to reset your PIN.
security and privacy
Q: Is it possible for a hacker to break into the Tunnel X web server and read my conversation? A: All conversations (and uploaded files, and other data) are encrypted with multiple encryption algorithms, and your key is required both to log into Tunnel X and then to decrypt the messages. We use industry-standard encryption that has never been cracked. Messages are also encrypted between your browser and our server, using TLS in "perfect forward secrecy" mode. Now: if your goal is 100% confidence that your conversation is private, we suggest stripping off your clothes, swimming to the middle of a lake and whispering into your confidant's ear (preferably in an obscure, dead language), not that we recommend this. Neither Tunnel X nor any other secure communications channel can offer that level or privacy (and we suggest that you be wary of any that do).
Q: I went to get a cup of coffee while I was writing a note, and when I came back the Tunnel X screen was gone. What happened? A: After a period of time, Tunnel X will log you out and clear the window. This is for your own protection. You can set the length of time until this happens by clicking "Settings" in the lower right of the window.
Q: How do I know that Tunnel X isn't run by the Russian mob or the NSA or Rupert Murdoch or someone else who plans to record all my private conversations to hurt me? A: Tunnel X was founded by two people who have established reputations and no ties with foreign organizations, governments, or publishing concerns. Our advisory board consists of people with well-established reputations and who know the founders and vouch for their good faith.
Q: I've read that the NSA and other government agencies are reading all of our communications. Is Tunnel X secure from these agencies? A: We are as confident as we can reasonably be that no government has the capability to intercept and read the messages in Tunnel X.
Q: I sent a message that I regret having sent, or my confidant posted a message I would rather not be in our conversation. A: Either user may delete any single message by clicking the "X" at the right-hand side of the message. Either user may also delete the entire tunnel by going to "Settings" (bottom right of the window) and clicking "destroy this tunnel permanently."
interface and miscellaneous
Q: Is Tunnel X for chatting, like instant messaging, or for longer messages that my friend will read later, like email? A: It's for either. Messages are updated immediately. So if you and your confidant are both in the tunnel at the same time, you will see her messages as soon as she sends them. Messages are saved indefinitely, so if your confidant is offline, she will see your message as soon as she signs in.
Q: Can I have a three-way conversation? A: No. Tunnel X does not support three-way tunnels now.
Q: The message text is too small and hard to read. Can I make it bigger? A: Click "Settings" in the lower right of the window, and you can change the font size.
Q: Will I need to start paying for my tunnel at some point? A: Tunnel X is free now. Any tunnels created during this period will remain free indefinitely.
Q: On the web site, I can upload any kind of file. On the mobile app, I can only upload photos. And I can only view photos that my confidant has uploaded. Why the limitation? A: Mobile phones (particularly iPhones), don't give you free access to all the documents on them. So, for example, if you have a PowerPoint file in your email inbox, Tunnel X can't fish it out of there and upload it to your tunnel. Similarly, Tunnel X cannot display file formats in your tunnel besides image files (JPG, GIF, PNG, BMP). But if you "export" your tunnel to another device (from the Settings screen), this will generate a passphrase. Open up a web browser on a computer, head over to tunnelx.com, and enter the passphrase. On the web site, you may upload and download any type of file.
Privacy Policy
Who We Are
Tunnel X's fundamental goal is to protect the privacy of your communications. Thus we always choose to obtain as little information about you as possible. We choose to encrypt all of the data you store on our site such that even we cannot read it. For us, privacy is not just a policy, it is our ethos.
Your data
We collect as little data about you as possible. The following are the ways in which we may collect personal data:
1. Visiting our website. We do not log IP addresses. For the purpose of traffic analysis, we map IP addresses to locations (with "municipality" granularity but not more than that), and then store that information, so that we can understand traffic. However, we do not store that information such that it is mapped to specific users. Users who do not wish to reveal their location to Tunnel X are welcome to use an anonymizing service such as the Tor network.
2. Creating an account. When you create an account, we want to know as little about you as possible. We do not collect any personal data from you, including your IP address. We ask you to upload a random image from your computer (which is never visible to us; in fact, we only process a small fraction of this image), and to choose a PIN; you will use these whenever you sign into Tunnel X. The image will be used to derive an encryption key which will secure your data. We do not store either of these data points in a way that we can decrypt; rather, we store hashes (one-way-encrypted versions) of them. We also record the date and time on which you created your account, so we know when your "free" period is over (however, "beta" users' accounts remain free indefinitely).
3. Signing in to your account and our record of your activity. When you sign into your account, we record the actions you take necessary for us to authenticate you, or to store and transmit the messages you send, as well as the files you share with your confidant. We also store your account preferences (such as font size). We store all of this data in encrypted form, in such a way that it may only be decrypted by you or your confidant when you or your confidant are signed in. We also track the total file size of all messages and files in your Tunnel, because we place limits on the amount of data users may keep in their accounts. We do not track which messages you have read and which you haven't. We do not record when you delete messages; we simply remove the message from our storage drives. Sometimes we display "system messages" to our users (for example, warnings that Tunnel X will be offline briefly for maintenance at a specific time); we note whether or not we have displayed these messages to you so that we don't display them to you more than once.
4. Communicating with us. When you communicate with us, you may provide us with personal data about yourself. Your communication with us may be retained in our system. We encourage all users to communicate with us in as anonymous a way as is possible, because we want to store as little data about you as we can.
How we store your data
1. When you sign up for an account, you consent to your account and any other account data being stored on the Tunnel X servers.
2. We do not store your authentication tokens on the Tunnel X servers. Instead, a hashed value is stored for authentication. The original authentication tokens cannot be determined from that hashed value. As a result, we are unable to recover a forgotten image key or PIN.
3. We store all of your data either in encrypted form (with a key which itself is derived from your login key, meaning your data is unencryptable by anyone other than you or your confidant), or in hashed form (hashing is a process of one-way encryption: hashes are not decryptable, by anyone).
How we use your data
1. We do not analyze the data in your account for the purpose of displaying advertisements.
2. We do not and will never share your account data with any third-party except as specified in this policy. We will never sell your account data under any circumstances.
3. We do not solicit users' email addresses. We only see email addresses when someone contacts us via email; We do not and will never share your email address or other contact data with mailing lists. We provide anonymous modes of contacting us as well. We will never initiate contact with you unless the communication is account related, or unless you have consented to such communication.
4. We do not use third-party services, because doing so may expose your data to those third parties. We do not use Google Analytics or similar services for exactly that reason. Nor do we show you targeted advertising; doing so would require disclosing your online behavior to advertising networks. The exception is that we will implement third-party payment systems, such as Paypal and Bitcoin. Any information about you we receive from them will be discarded as soon as the payment is recorded.
How long do we retain your data?
The following outlines how our data retention policy affects the messages in your account and your account data:
1. Data in your account will stay in your account as long as your account is active. If you delete a message, or the entire contents of your Tunnel, it will be removed from your Tunnel at that time.
2. If you delete your Tunnel or request we delete your Tunnel for you, your Tunnel and the messages in the Tunnel will be removed from our servers at the time of deletion.
3. Records that are stored for statistical purposes may be kept indefinitely; note that none of this type of data is associated with your account (it is stored only in aggregate), nor does it identify you personally.
4. Your data may reside in our backups for a brief period subsequent to a message or Tunnel being deleted. This backed up data, of course, will be in encrypted form only, decryptable only with keys in possession of you and your Tunnel confidant.
5. If you let your paid subscription lapse then your account will be downgraded to free account status approximately one week after your subscription has expired and will then be subject to the data retention and time-limit rules for free accounts.
Disclosure of account data
Under normal circumstances, we do not and will never disclose account data to anyone other than the owner of an account. We will always attempt to authenticate any requests that require the disclosure of account data to ensure they come from the account owner. If we are unable to successfully authenticate a request, we do not disclose any account data.
We will only disclose account data in the following circumstances:
1. If we receive an order enforceable under U.S. laws compelling us to disclose account data for a specific user account. The account data we disclose may include data in an unencrypted format. Because such orders generally state that we are not permitted to disclose the existence of the order to a user, we will not disclose to any user the existence, or nonexistence, of any order we may have received.
2. Where the safety or well-being of an individual or individuals is in imminent danger, and we believe in good faith that the disclosure of account data is reasonably necessary to protect against such harm, we will disclose account data. This may include but is not limited to the welfare of a child, or an act of terrorism.
Data Storage
Our office is located in Brooklyn, New York, USA. Our servers where user data is stored are located in the AWS EC2 "US East (Northern Virginia)" region, operated by Amazon.com, Inc., a public Delaware, USA company. We store no user information at our Brooklyn, New York offices.
By visiting our website and using our services, you consent to the collection and use of information as outlined in this privacy policy.
Cookies
Tunnel X sets one "session cookie" on your browser, to ensure that your session persists and is secure. We do not use "persistent cookies" whatsoever (cookies which remain on your browser after you leave Tunnel X or close your browser), nor do we have any code on our site which causes "third-party cookies" to be set on your browser. Finally, we do not track your browser, computer, or device in any way (such as by tracking your device's "MAC address" or any other type of cookie-like tracking identifier).
Advertising
We do not advertise on our site.
Content analysis
We perform no analysis of your data.
Constant improvement
We occasionally update this Privacy Policy to reflect changes in our services and customer feedback. When we post changes to this Policy, we will revise the "last updated" date at the top of this statement. If there are material changes to this Privacy Policy or in how Tunnel X uses your personal information, we will notify you either by prominently posting a notice of such changes prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this Privacy Policy to keep informed about how Tunnel X is protecting your information.
Contact us
We value your opinions and appreciate your comments. If you have any questions or concerns, please contact us.
Terms of Service
Last updated: November 25, 2013
This is a legal agreement between you and Tunnel X, Inc. ("Tunnel X", "we", "us" or "our") governing the Tunnel X service including present and future features offered by Tunnel X and other services which may be offered from time to time by Tunnel X for use with your Tunnel X account (each feature individually and collectively referred to as the "Services")
1. By accessing or using the Services, you acknowledge that you have read, understand, and agree to be bound by the following Terms and Conditions of Use, as they may be modified from time to time (collectively, the "Terms"). If at any time you don't agree to these Terms, immediately discontinue your use of the Services.
2. NOTE TO USERS UNDER 13: Our Services are not for persons under the age of 13. If you are under 13 years old, then please do not use the Services. If you are over 13, but under the age of consent where you live, then you must get the consent of your parents prior to using the Services and, if you do use the Services, you represent to us that you have done so.
3. Privacy. Your privacy is important to us. Our Privacy Policy is hereby incorporated into these Terms by reference. Please read our Privacy Policy carefully for details relating to the collection, use and disclosure of your personal information.
4. Modification of the Terms. Because the Services changes from time to time, Tunnel X reserves the right, at its discretion, to change, modify, add, or remove portions of these Terms at any time without notice. Please check the Terms periodically for changes. Your continued use of the Services after the posting of changes will constitute your acceptance of such changes. While non-material changes to these Terms are effective immediately, any material changes to these Terms will automatically be effective thirty (30) days after they are initially posted on the Tunnel X website.
5. Accounts & Storage Information.
a. Tunnel X requires users to choose an image to use as an authentication "key" and a PIN for additional security. You are entirely responsible for maintaining the confidentiality of your key and PIN.
b. The amount of storage space for file transfer per member is limited; please visit our FAQ for more information. Some file transfers may not be processed due to space or bandwidth constraints. You agree that Tunnel X is not responsible or liable for the deletion or failure to store messages or other information. There is no explicit limit on storage space for messages, but in extreme cases, where message transmissions are used for a purpose other than personal, hand-typed communication, Tunnel X reserves the right to limit storage space for messages as well as transferred files.
6. General Prohibitions.
a. You agree to comply with all applicable local, state, national and international laws and regulations. You also agree not to use the Services for illegal purposes; not to interfere or disrupt networks connected to or by the Services; and to comply with all the rules, policies and procedures connected to these Services.
b. You will not use the Services to store or transmit data that is illegal to possess (such as child pornography) or illegally acquired (such as unlicensed intellectual property).
c. You will not use Tunnel X to plan, coordinate, or consider illegal activity.
d. You agree not to attempt to gain unauthorized access to the Services, or other users' accounts, computer systems, or networks connected to the Services, through hacking, password mining or any other means, or to interfere or attempt to interfere with the proper working of the Services or any activities conducted on the Services.
7. Non-Export of Services.
a. The Services employ encryption technology that is or may be specifically controlled for export by the United States government. As a result, you may not export or otherwise transfer the Services to or into Cuba, Iraq, North Korea, Sudan or Syria or a resident of those countries or to any person on the Specially Designated Nationals List ("SDN") maintained by the United States Treasury or the Table of Denial Orders or Entity List maintained by the United States Department of Commerce. The SDN can be found at www.treasury.gov/resource-center/sanctions/SDN-List. The Denied Persons List can be found at www.bis.doc.gov/dpl.
b. You also may not, and you agree not to, knowingly export or transfer the Services to anyone outside of the United States without first obtaining a proper license and satisfying all requirements of International Traffic in Arms Regulations and the Export Administration Act. It is your responsibility to comply with foreign laws and regulations on encryption import, export or use.
c. When you use the Services, you are certifying to Tunnel X that you are eligible to receive products exported from the United States, without any restrictions.
8. Account Termination.
a. Tunnel X may terminate your access to the Services and any related service(s) at any time, with or without cause, with or without notice, effective immediately, for any reason whatsoever. Tunnel X has no obligation to store or forward the contents of your account.
b. If there is any indication that you are using your account for illegal activity, your account will be terminated immediately and without notice.
c. Activities that are absolutely not tolerated include but are not limited to the purchase or sale of substances that are illegal in many jurisdictions, purchase or sale of stolen goods, making threats to person or property, possession or distribution of child pornography, and fraud.
9. Disclaimers; No Warranties.
a. You expressly agree that the use of the Services is at your sole risk. The Services and any media, content, software, services, or applications made available in conjunction with or through the Services are provided on an "as is" and "as available", "with all faults" basis and without warranties or representations of any kind, either express or implied. Tunnel X, its suppliers, licensors, affiliates, and partners do not warrant or make any representations regarding the use or the results of the use of the Services or any third party sites in terms of correctness, accuracy, reliability, or otherwise.
b. TO THE FULLEST EXTENT PERMISSIBLE PURSUANT TO APPLICABLE LAW, TUNNEL X AND ITS AFFILIATES, PARTNERS, AND SUPPLIERS DISCLAIM ALL WARRANTIES, STATUTORY, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT OF PROPRIETARY RIGHTS. No advice or information, whether oral or written, obtained by you from Tunnel X or the Services will create any warranty not expressly stated herein. You expressly acknowledge that, as used in the sections titled "Disclaimers; No Warranties" (this Section 9) and "Limitations of Liability, Damages and Claims" (Section 10), the term Tunnel X includes Tunnel X's partners, officers, directors, employees, shareholders, agents, service providers, suppliers, licensors, affiliates and subcontractors.
10. Limitations of Liability, Damages and Claims
a. UNDER NO CIRCUMSTANCES, AND UNDER NO LEGAL THEORY (INCLUDING, BUT NOT LIMITED TO, NEGLIGENCE) SHALL TUNNEL X OR ITS AFFILIATES, CONTRACTORS, EMPLOYEES, AGENTS, THIRD PARTY PARTNERS, OR SUPPLIERS BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES (INCLUDING, WITHOUT LIMITATION, LOSS OF PROFITS, DATA OR USE, OR COST OF COVER) ARISING OUT OF OR RELATING TO THESE TERMS OR THAT RESULT FROM YOUR USE OR INABILITY TO USE THE SERVICES, THE CONTENT THEREON, OR OTHER INTERACTIONS WITH TUNNEL X ANY THIRD PARTIES, EVEN IF TUNNEL X OR A TUNNEL X AUTHORIZED REPRESENTATIVE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. If you are a California resident, you waive California Civil Code Section 1542, which says: "A general release does not extend to claims which the creditor does not know or suspect to exist in his or her favor at the time of executing the release, which if known by him or her must have materially affected his settlement with the debtor." If you are not a California resident, you waive any applicable state statutes of a similar effect.
b. In no event shall Tunnel X or its affiliates, contractors, employees, agents, or third party partners, licensors or suppliers' total liability to you for all damages, losses, and causes of action arising out of or relating to these terms or your use of the Services (whether in contract, tort (including negligence), warranty, or otherwise) exceed the greater of the amount of (a) one hundred dollars or (b) the amount of fees you have paid Tunnel X in the twelve (12) months prior to the action giving rise to the liability.
c. Certain jurisdictions do not allow limitations on implied warranties or the exclusion or limitation of certain damages. If you reside in such a jurisdiction, some or all of the above disclaimers, exclusions, or limitations may not apply to you, and you may have additional rights. The limitations or exclusions of warranties, remedies or liability contained in these Terms apply to you to the fullest extent such limitations or exclusions are permitted under the laws of the applicable jurisdictions
11. Indemnification; Hold Harmless. You agree to indemnify and hold harmless Tunnel X and its subsidiaries, affiliates, and any related companies (including those which share substantially common ownership), its suppliers, licensors and partners, and the officers, directors, employees, agents and representatives of any of the foregoing, from any and all claims, losses, obligations, damages, liabilities, costs, debts and expenses (including attorneys' fees) arising out of: (i) your use or misuse of the Services; (ii) your violation of these Terms; (iii) your violation of the rights of any other person or entity; and (iv) your breach or alleged breach of any representations, warranties, and covenants herein. Tunnel X reserves the right, at your expense, to assume the exclusive defense and control of any matter for which you are required to indemnify us, and you agree to cooperate with our defense of these claims. You agree not to settle any matter in which Tunnel X is a named party without Tunnel X prior written consent. Tunnel X will use reasonable efforts to notify you of any such claim, action, or proceeding upon receiving notice of it.
12. Third Party Sites, Advertisers, and Promotions. The links included within this Web site may allow you leave the Tunnel X site and visit third party sites. These third party sites are not under the control of Tunnel X. Tunnel X is not responsible for the contents of any third party site nor is Tunnel X responsible for the functionality of any third party site. Tunnel X provides links as part of our Services to you strictly as a convenience. A link's inclusion in a Tunnel X site does not endorse the site or their operators. Any promotions sponsored by advertisers to the Services or dealings with the advertisers directly are solely between you and that third party. Tunnel X is not responsible in any part of any such connections or dealing with advertisers or their promotions.
13. Miscellaneous Provisions.
a. Governing Law. You agree that the Services shall be deemed solely based in New York. These Terms shall be governed by and construed in accordance with the laws of the State of Delaware, without giving effect to any principles of conflicts of law.
b. Waiver. A provision of these Terms may be waived only by a written instrument executed by the party entitled to the benefit of such provision. The failure of Tunnel X to exercise or enforce any right or provision of these Terms will not constitute a waiver of such right or provision.
c. Severability. If any provision of these Terms shall be deemed unlawful, void, or for any reason unenforceable, then that provision shall be severed from these Terms and shall not affect the validity and enforceability of any remaining provisions.
d. Assignment. These Terms, and any rights and licenses granted hereunder, may not be transferred or assigned by you, but may be assigned by Tunnel X without restriction.
e. Survival. The Sections entitled, "Disclaimers; No Warranties", "Indemnification; Hold Harmless", "Limitations of Liability, Damages and Claims", and "Miscellaneous Provisions" will survive any termination of these Terms.
f. Headings. The heading references herein are for convenience only, do not constitute a part of these Terms, and shall not be deemed to limit or affect any of the provisions hereof.
g. Entire Agreement. This is the entire agreement between you and Tunnel X relating to the subject matter herein and supersedes all previous communications, representations, understandings, and agreements, either oral or written, between the parties with respect to said subject matter.
