dantir/SECURITY.md

Security Policy

What Dantir is (and isn't)

Dantir is a passive radio receiver. It listens for Bluetooth Low Energy advertisements and WiFi management frames (beacons and probe requests) that devices already broadcast openly to anyone in range — the same packets your phone's Bluetooth and WiFi scanners receive — and matches those public signatures against known surveillance-device patterns.

Dantir does not:

• transmit anything at the devices it detects;
• connect to, authenticate against, or query any third-party device;
• jam, spoof, deauthenticate, or otherwise interfere with any radio signal;
• capture the content of any communication — only broadcast metadata (MAC address, advertised name, manufacturer ID, service UUID).

The device runs its own local WiFi access point solely to serve its dashboard.

Reporting a vulnerability

If you find a security issue in the firmware or dashboard, please report it privately rather than opening a public issue:

• Open a GitHub security advisory on this repository, or
• Contact the maintainer via the profile linked on the repository.

Please include reproduction steps and the firmware version/commit. We aim to acknowledge reports promptly and will credit reporters who wish to be named.

Operating it responsibly

• Change the default dashboard credentials (FY_AP_SSID / FY_AP_PASS) before any real-world use — the defaults are public.
• Detection is signature-based and is not proof of any specific device.
• Use it lawfully in your jurisdiction. Detect and document — never interfere.