rpriven
5099581fc3
- README.md: overview, hardware, build/flash, usage, web API, exports - SECURITY.md: passive-receiver scope + vulnerability disclosure - SIGNATURES.md: signature provenance and upstream credit - .gitignore: block GPS-tagged detection exports from being committed Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.5 KiB
1.5 KiB
Signature Provenance
Dantir detects devices by matching publicly broadcast radio signatures — Bluetooth MAC OUI prefixes, advertised device-name patterns, BLE manufacturer company IDs, service UUIDs, and WiFi management-frame source OUIs. None of this data is proprietary; it comes from public registries and open community research.
Sources & credit
- OUI Spy Unified Blue by colonelpanichacks (colonelpanic.tech) — the upstream project Dantir is forked from, and the origin of the core detection engine and much of the BLE signature set.
- flock-you by wgreenberg — BLE detection research on Flock Safety hardware.
- deflock.me — community-maintained, crowd-sourced catalog of surveillance-device signatures (ALPR cameras and related gear).
- IEEE MA-L (OUI) registry — public assignments mapping MAC prefixes to manufacturers.
- Bluetooth SIG company identifiers — manufacturer company IDs carried in BLE advertisements, published by the Bluetooth SIG.
Nature of the data
These signatures describe what publicly observable radio emissions look like — facts about how devices identify themselves over the air, compiled for interoperability and security-research purposes. A detection indicates only that a matching broadcast was observed nearby. It is not proof of the presence, ownership, or operation of any specific device or party.