
ZeroTrace AirLeak

Insights Dashboard

Five tabs that turn raw capture into understanding

The Insights page is the dashboards layer of AirLeak: five tabs, each turning the raw capture into a different lens. Open it after a capture for the high-level summary; check it during a long session for trends.


The five tabs

Tab              What it shows
Distribution     Class breakdown + top vendors
Network leakage  SSID class counts + top probed SSIDs
Trackers         AirTag / Tile / SmartTag stats
Privacy          Six-card grid + top leaky devices
Library          Cross-session known device list

Each tab updates live as the capture progresses (in Monitor mode) and freezes after switching to Setup or replaying a session.


Distribution tab

The first tab answers "what kinds of devices are around me?"

Class pie chart

A pie chart of the top device classes in the current view, with class colors matching the rest of the app:

  • iPhone, Galaxy Phone, Pixel
  • AirPods family
  • Smart TV, Chromecast, FireTV
  • Smart speaker
  • AirTag, Tile, SmartTag
  • Generic IoT
  • Unknown

Hover any slice for exact count + percentage.

Top vendors bar chart

A horizontal bar chart of the top 10 vendors observed (by OUI lookup):

Apple, Inc.            ▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮▮ 47
Samsung Electronics    ▮▮▮▮▮▮▮▮ 21
Google LLC             ▮▮▮▮▮▮ 14
Espressif (IoT chips)  ▮▮▮▮ 9
Texas Instruments      ▮▮ 5
...

Clicking a vendor filters the device list to that vendor.
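
The vendor tally above, sketched as an added example (not AirLeak's own code): an OUI lookup only applies to globally administered addresses, so addresses with the locally administered bit set, which is how privacy-randomized MACs are marked, are counted separately instead of being looked up. The OUI table, sample MACs and function names are constructed for illustration.

```python
from collections import Counter

# Constructed OUI table: placeholder prefixes and vendor names, not real
# registry entries. A real lookup would load the IEEE OUI registry.
SAMPLE_OUI = {"001122": "Placeholder Vendor A", "04AABB": "Placeholder Vendor B"}

# Constructed sample addresses (mixed separators and case, one duplicate).
SAMPLE_MACS = [
    "00:11:22:00:00:01", "00-11-22-00-00-02", "00:11:22:00:00:01",
    "04:aa:bb:10:20:30", "08:cc:dd:01:02:03",
    "da:a1:19:00:00:07", "5E:00:00:AA:BB:CC",   # locally administered
]

def parse_mac(mac: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff; return 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return raw

def is_randomized(raw: bytes) -> bool:
    """True when the locally administered bit (0x02 of the first octet) is
    set; the first three bytes of such an address are not a vendor OUI."""
    return bool(raw[0] & 0x02)

def vendor_summary(macs, oui_table, limit=10):
    """Return (top vendors, randomized-MAC count) over unique addresses."""
    vendors, randomized = Counter(), 0
    for raw in dict.fromkeys(parse_mac(m) for m in macs):  # de-duplicate
        if is_randomized(raw):
            randomized += 1      # counted separately, never sent to the lookup
            continue
        vendors[oui_table.get(raw[:3].hex().upper(), "Unknown")] += 1
    return vendors.most_common(limit), randomized

if __name__ == "__main__":
    top, randomized = vendor_summary(SAMPLE_MACS, SAMPLE_OUI)
    for name, count in top:
        print(f"{name:<24}{count}")
    print(f"randomized MACs: {randomized}")
```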

What it tells you

A quick read of the room:

  • Apple-heavy → likely a tech-affluent space (offices, conferences)
  • Samsung-heavy → mass consumer (transit, malls)
  • Heavy IoT chips (Espressif, Realtek) → smart-home density (residential)
  • Mixed equally → public space with random pedestrians

Use this for environment fingerprinting before drilling into specifics.


Network leakage tab

Covers WiFi: networks observed, networks probed, and classification of the leaks.

Probe class breakdown

Counts of each SSID class observed across all devices in the session:

Hotel SSIDs       12
Airport SSIDs      8
Corporate SSIDs    5
PII SSIDs         18
Café SSIDs        24
Personal SSIDs   124
Other             87

Useful for seeing what kinds of networks are being leaked in this environment. A high "Corporate" count in a downtown coffee shop means lots of office workers' phones are probing for their work networks.

Top probed SSIDs

A list of the most-frequently-probed SSIDs across all devices:

Starbucks WiFi              48 probes
eduroam                     32 probes
Marriott_GUEST              22 probes
Acme-Corp-Wifi              18 probes
Sarah's iPhone              14 probes
...

Each row is clickable — opens a list of devices that probed for that SSID.

Channel utilization

A horizontal bar chart of how busy each 2.4 GHz channel is:

Ch  1   ▮▮▮▮▮▮▮▮  8 networks
Ch  6   ▮▮▮▮▮▮▮▮▮▮▮▮▮▮  12 networks
Ch 11   ▮▮▮▮▮▮▮▮▮  9 networks
Ch  2-5,7-10,12-13   ▮  1 each

Useful when picking a channel for your own AP. Stick to 1, 6, or 11 (the non-overlapping channels). Pick the least crowded.
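
An added worked example (not part of AirLeak) of the channel choice above: it scores channels 1, 6 and 11 by the networks on them plus the partial overlap from networks on neighbouring channels, using the counts from the bar chart. The 20 MHz channel width and the linear overlap model are assumptions, and the second data set is constructed to show a case where the raw count and the overlap-weighted load disagree.

```python
# Networks per 2.4 GHz channel, taken from the bar chart above.
PAGE_COUNTS = {1: 8, 6: 12, 11: 9,
               2: 1, 3: 1, 4: 1, 5: 1, 7: 1, 8: 1, 9: 1, 10: 1, 12: 1, 13: 1}

# Constructed counts: channel 1 has the fewest networks on it, but
# channels 2 and 3 sit right next to it.
SKEWED_COUNTS = {1: 3, 2: 4, 3: 4, 6: 5, 11: 4}

CHANNEL_SPACING_MHZ = 5    # centre frequencies are 5 MHz apart
CHANNEL_WIDTH_MHZ = 20     # assumption: 20 MHz wide channels

def overlap(a: int, b: int) -> float:
    """Fraction of channel a's bandwidth shared with channel b
    (simple linear model; channels 5 or more apart share nothing)."""
    shared = CHANNEL_WIDTH_MHZ - CHANNEL_SPACING_MHZ * abs(a - b)
    return max(shared, 0) / CHANNEL_WIDTH_MHZ

def weighted_load(counts: dict, channel: int) -> float:
    """Networks on the channel plus overlap-weighted neighbours."""
    return sum(n * overlap(channel, ch) for ch, n in counts.items())

def pick_channel(counts: dict, candidates=(1, 6, 11)):
    """Return (least loaded candidate, load per candidate)."""
    loads = {c: weighted_load(counts, c) for c in candidates}
    best = min(candidates, key=lambda c: (loads[c], c))
    return best, loads

if __name__ == "__main__":
    for label, counts in (("page", PAGE_COUNTS), ("skewed", SKEWED_COUNTS)):
        best, loads = pick_channel(counts)
        print(label, "-> channel", best, loads)
```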


Trackers tab

The single-purpose tab for tracker awareness.

Counts

  • AirTags total — every AirTag observed
  • AirTags separated — observed in separated-from-owner mode
  • Tile total
  • Samsung SmartTag total
  • FMDN trackers
  • Generic / unknown trackers

Tracker list

Every tracker observed, sorted by separated time descending:

Device     First seen  Last seen  Separated  Alerts
AirTag     2h 14m      1m         yes        findmy_separated, multi_hour_follower
Tile       4h 22m      5m         yes        tile_tracker
SmartTag2  1h          2m         no

Multi-hour followers

A red-tinted card listing every device that's triggered the multi_hour_follower alert in this session. This is the card to check first if you suspect tracking.

If empty: no trackers have been with you long enough to alert.

If non-empty: investigate each entry. See Tracker Detection.


Privacy tab

A six-card grid summarizing privacy concerns, plus a per-device leaky list.

Six-card grid

Each card shows a count + the affected devices:

Card                  Count  Meaning
AirDrop discoverable  N      iPhones in Everyone mode
Unlocked during call  N      Phones unlocked while audio active
FindMy separated      N      Trackers in separated mode
Corp SSID leakers     N      Devices probing corp SSIDs
PII SSID leakers      N      Devices probing PII SSIDs
Random MAC            N      Devices with privacy-randomized MACs

Each card is clickable — opens a list of devices contributing to that count.

Top leaky devices

A list of the top 10 devices ranked by total leakage signals (alerts + probed-SSID class + battery exposure + handoff increment + ...):

1. Sarah's iPhone (iphone)        leakage_score: 78
2. DESKTOP-AB12CD (windows_pc)    leakage_score: 62
3. AirPods Pro 2 (airpods_pro_2)  leakage_score: 51
4. Galaxy Watch5 (galaxy_watch)   leakage_score: 48
5. ...

Click any device to open detail. Useful for quickly identifying the leakiest devices in the room — often surprising who they belong to.


Library tab

The cross-session view. Different from the in-session aggregator: this shows devices across every session ever recorded.

Library stats

  • Total devices in library
  • Devices seen in last 7 days
  • Average sessions per device
  • Most-seen device

Library table

Every device the desktop has ever observed:

Device                First seen   Last seen   Sessions  MACs
Sarah's iPhone        12 days ago  now         23        5 (rotated)
AirPods Pro 2 (mine)  10 days ago  now         21        3
Galaxy Watch5 (Bob)   8 days ago   2 days ago  8         2
...

This is the "who's been near you, ever" view. See Library for full details.


Real-time vs replay

In live capture, the Insights tabs update every few seconds. New devices arrive, counts change, top-SSID lists shift.

In a session replay, the values are frozen at the session's final state — useful for "what did this room look like at end of session?"

The status bar shows Replay: <session-name> when you're in replay mode, so you always know which mode you're seeing.


Exporting Insights views

Each tab has an export button. Options:

  • PNG screenshot — for sharing
  • CSV — for spreadsheet analysis (top SSIDs, vendor counts)
  • Markdown summary — for reports

The Markdown summary is the most useful for after-the-fact reporting:

## Privacy summary
- 4 phones in AirDrop Everyone mode
- 18 PII-SSID probes (top: 'Sarah's iPhone' x14)
- 5 Corp-SSID probes (Acme-Corp-Wifi)
- 12 Random-MAC devices observed (8 fingerprint-merged)

## Top leaky devices
1. Sarah's iPhone — score 78
2. DESKTOP-AB12CD — score 62
...

Common Insights workflows

Quick room scan

  1. Connect AirLeak, switch to Monitor.
  2. Wait 5 minutes.
  3. Open Insights → Distribution. Read the room composition.

Privacy audit at a venue

  1. Run Monitor for the venue's duration.
  2. Open Insights → Privacy. Check the six-card grid for surprising counts.
  3. Open Insights → Trackers. Check for multi-hour followers.
  4. Open Insights → Network leakage. See if there's an open network or rogue AP.

Long-term known-device tracking

  1. After many sessions, open Insights → Library.
  2. Filter to "Most-seen". You see your top regular devices.
  3. Mark the obvious ones (yours, family, coworkers) so future sessions categorize correctly.

Privacy tab is the one to bookmark

If you only check one Insights tab regularly, make it Privacy. It's the densest summary of "what's leaking right now" — both your own devices and the environment.
