Idea
Build and maintain a curated database of known surveillance camera manufacturer OUI prefixes (MAC address first 3 octets) and WiFi SSID / BLE device name patterns. This is the foundational data layer that many other wardriving and surveillance detection features depend on.
This issue is a proposal/placeholder to gather community feedback, ideas, and suggestions — not a prescriptive spec.
Why
OUI and SSID/BLE-name matching is the simplest, most reliable way to passively identify surveillance devices from RF data. Whether that data comes from Wigle, Kismet, phone-native scanning, or FlockSquawk hardware, the detection logic is the same: compare observed MACs and names against a known watchlist.
What this might include
OUI Prefixes
Curate MAC prefixes for known camera manufacturers:
- Flock Safety — ALPR cameras, gunshot detectors
- Hikvision / HiLook — largest camera manufacturer globally
- Dahua / Amcrest — second largest, many rebranded models
- Axis Communications — commercial/enterprise cameras
- Ring (Amazon) — doorbell cameras
- Nest / Google — Nest Cam family
- Wyze — consumer WiFi cameras
- Arlo (Netgear) — wireless cameras
- Reolink — consumer/prosumer cameras
- Ubiquiti — UniFi Protect cameras
- Others from IEEE OUI database
SSID / BLE Name Patterns
Known broadcast patterns from cameras in setup mode or normal operation:
- Dahua WiFi NVR:
NVR2.4G
- Flock Safety BLE:
FS Ext Battery (already detected by flock-you)
- Generic IP cameras:
IPCAM-*, camera-*
- Ring doorbells: specific BLE advertisement names during setup
- Hikvision: default SSIDs
- Arlo base stations: sync SSIDs
Format & Hosting
- JSON config file with OUI prefixes, SSID regex patterns, BLE name patterns
- Scored matching: exact match vs regex vs partial
- Updateable from a server (or bundled with app updates)
Open Questions
- Where should this be hosted? Bundled in-app? Separate repo? Updated from alprwatch.org?
- Community contributions? Should there be a way for users to submit new OUI/SSID patterns?
- Scoring model? How to weight different match types (OUI alone vs OUI + SSID match)?
- False positive management? Some OUIs are shared across product lines (e.g., Ubiquiti makes more than cameras)
Effort Estimate
Small — this is primarily a data curation + simple data model task.
Dependencies
None — this is foundational for many other features.
Related
Idea
Build and maintain a curated database of known surveillance camera manufacturer OUI prefixes (MAC address first 3 octets) and WiFi SSID / BLE device name patterns. This is the foundational data layer that many other wardriving and surveillance detection features depend on.
This issue is a proposal/placeholder to gather community feedback, ideas, and suggestions — not a prescriptive spec.
Why
OUI and SSID/BLE-name matching is the simplest, most reliable way to passively identify surveillance devices from RF data. Whether that data comes from Wigle, Kismet, phone-native scanning, or FlockSquawk hardware, the detection logic is the same: compare observed MACs and names against a known watchlist.
What this might include
OUI Prefixes
Curate MAC prefixes for known camera manufacturers:
SSID / BLE Name Patterns
Known broadcast patterns from cameras in setup mode or normal operation:
NVR2.4GFS Ext Battery(already detected by flock-you)IPCAM-*,camera-*Format & Hosting
Open Questions
Effort Estimate
Small — this is primarily a data curation + simple data model task.
Dependencies
None — this is foundational for many other features.
Related