One person’s detection.
Everyone’s early warning.
When one WifiThreatWatch device confirms an attack, it warns every other one — before they connect. Here’s how a community watches WiFi together: the attacker documented in full, you only ever as a hash.
Document the attacker. Hash everything of yours.
A useful warning has to name the threat. So when your device confirms an attack run from a rogue hotspot — the attacker’s hardware, not yours — it reports that access point in full: real network name, hardware address, radio details, and the rough area where it was seen (150 m to 1 km, never an exact position). That’s what lets the next device recognize the same equipment the moment it reappears.
Your own network never gets that treatment. Before anything about it leaves your computer, its identifiers become a one-way hash: a fingerprint that can be matched against other fingerprints, but never turned back into a name. Nearby networks seen during scans cross the same way — hashes only.
Reports are tied to the reporting account for at most 90 days — solely to keep junk out of the database — then permanently anonymized. And no warning ever says who reported what.
The exact fields, word for word, are in the Privacy Policy and Terms (v2026-07-08.2).
Its real network name (SSID), hardware address (BSSID), channel, band, security mode, hardware vendor, signal data, and a rough area of 150 m–1 km — never an exact position.
One-way hashes only — its real name and router address never leave your device. Never collected, for anyone: browsing activity, files, exact GPS position.
Three ways the community has your back
Every device runs the same local detectors WifiThreatWatch already ships. Sharing what they confirm turns a single-device tool into a network that warns everyone else — proactively, before the next person is targeted.
See threats before you connect
When you scan for WiFi, the app checks every network it can see against what the community has flagged. If someone else’s WifiThreatWatch confirmed an evil twin or a spoofing attack on that network, the warning is already waiting in your network list — before you ever tap connect.
Watched after you’ve joined, too
Protection doesn’t stop the moment you connect. The app re-checks the network you’re on about every 30 seconds — so if another user’s device flags it after you joined, you’re warned in the app on the next re-check, not the next time you happen to scan.
Stronger every time someone joins
This database is young — and we’d rather say so than pretend to a giant catalogue. It grows with the community, and that’s the whole point: every device that joins makes the next warning likelier to already exist when someone needs it. One person’s bad afternoon at a café becomes everyone else’s heads-up.
One database in the cloud. One sentry on your WiFi.
“Shared intelligence” is really two separate systems that never blur together: a global, anonymous database your devices can ask, and a Nano announcing itself on your own network. Neither one ever pushes anything to your other devices — and your alerts never come from either. Keeping the three straight answers most questions about how this works.
The shared database
A crowd-sourced pool of confirmed attacks. Your devices ask it questions and it answers — that’s the entire relationship. It has no way to ring you, and the warnings it serves never say who reported them.
Nano discovery
A Nano (in prototype) announces itself on your own network so the app can say “protected by Nano” the moment it opens at home. Same WiFi only, no cloud — it works with the internet down.
Detection & alerts
Every warning you see comes from your own device — its local detectors and the questions it asked. Nothing remote can pop an alert onto your screen.
Up as a fingerprint. Down as an answer.
When your device confirms an attack, the guarded report climbs into a single shared row. Other devices meet it coming the other way: as the answer to a question they asked during their own scan.
That’s the entire route. No broadcast to everyone at the coffee shop, no remote pop-ups, no devices ringing each other. A warning reaches other devices on their next check — the network you’re on is re-checked about every 30 seconds — and every device still runs its own local detectors, so a live attack is usually caught on the spot anyway.
Corroboration, not spam
If ten devices catch the same evil twin, the database doesn’t hold ten screaming entries — it holds one verdict, corroborated by ten. Extra witnesses make the flag more trustworthy, not louder. A device re-sending the same report is counted once.
And alerts stay local: your device warns you once, from its own checks, and won’t re-nag you about the same flagged network every half-minute.
A warning system, honestly framed
The fastest way to lose your trust would be to overstate this. So here’s exactly what it does and doesn’t do.
A flag tells you what the community has seen so you can decide. The app won’t silently stop you from connecting to anything.
Reporting confirmed attacks is a required part of the free app — it cannot be turned off. The database only exists because every device that catches an attack says so; that’s the deal, stated plainly.
Attacks happen at coffee shops, not because of them. A flag means “an attack was confirmed here recently” — a reason for caution, not a condemnation.
We’re building this with the first wave of users. The database is new and grows with every person who joins.
Built to fail safe
A shared system is only as trustworthy as its worst day. These are the boring guarantees that hold when the network is down, a client misbehaves, or someone tries to feed the database junk.
The four questions everyone asks
They all come down to the same worry: does this thing broadcast? It doesn’t. Devices ask; nothing pushes.
How would the app know a Nano is on my WiFi?
The Nano (still in prototype) announces itself on your home network, and the app listens for that announcement — so the moment you open it at home, it can show “protected by Nano.” That’s same-WiFi-only and needs no internet. It’s a completely separate channel from the shared database, which serves warnings without reporter identities and couldn’t tell you a Nano is nearby even if it wanted to.
If a Nano catches something, does it send it to all my PCs?
No. Like the app, it contributes a guarded report to the shared database — it doesn’t message anybody’s computer. Your other devices learn about it the next time they ask: for a network they’re currently on, that’s about every 30 seconds. A paired computer on the same WiFi can also read the Nano’s own log directly — but that’s still your device asking, on demand.
When one PC detects an attack, does it notify every other PC on that WiFi?
There’s no device-to-device messaging at all — devices never ring each other. The detection travels up to the shared database and appears on other devices when they next check. And every device still runs its own local detectors, so in a live attack each one usually catches it on its own within seconds anyway.
If every device catches the same attack, do I get buried in alerts?
No — two layers prevent it. In the shared database, extra reporters raise a corroboration count on one verdict; they don’t multiply entries. And on your screen, alerts only ever come from your own device — one attack, one warning — and it won’t re-nag you about the same flagged network every half-minute.
Eyes that never blink
Today the community’s eyes are the devices running the app. On our workbench: the WifiThreatWatch Nano, a small always-on sensor that would watch your home network 24/7 — even with every laptop in the house asleep — and feed the same shared intelligence. It’s in prototype, not yet for sale.