ZeroTrace AirLeak
Insights Dashboard
Turning raw capture into understanding
The Insights tab is the dashboard layer of AirLeak, a calm set of charts over the same live device table the Live tab renders. Open it during a capture for the high-level read on the room.
It samples the live capture store a couple of times a second, so the charts update as the capture progresses without re-deriving on every frame.
Composition
Answers "what kinds of devices are around me?"
Device-class breakdown
A donut of the top device classes in the current view, using the same class colors as the rest of the app, iPhone, Android, AirPods, Smart TV, trackers, IoT, unknown, and so on.
Top vendors
A list of the most common vendors observed (by OUI / BLE company-ID lookup). A quick read of the room:
- Apple-heavy → likely a tech-affluent space (offices, conferences)
- Mixed → public space with random pedestrians
Protocol, severity, and name distributions
Breakdowns of which BLE protocols are in the air (Apple Continuity, Find My, Tile, etc.), how device severity is distributed, and how many devices broadcast a friendly name versus stay nameless.
Situational / privacy
A readout of the privacy-relevant signals in the live table:
- Proximity spread, how close the observed devices are (signal-strength buckets)
- Exposure, an at-a-glance count of trackers and high-leakage devices
- Severe devices, how many cross the high-severity threshold
- Random-MAC share, what fraction of devices are using privacy-randomized addresses
These are derived live from the capture stream, so they reflect what's around you right now.
Reading it
Insights is best as a fast situational read, "is this an Apple-heavy room?", "are there trackers here?", "how exposed is this environment?", before you drill into individual devices on the Live tab or chase one down with Hunt.
AirLeak is BLE-only, so Insights has no WiFi-network or probed-SSID views. Earlier AirLeak builds had a "network leakage" tab; it was removed with the WiFi capture path.