Know your neighborhood's RF. Keep your family safer.

What it does

MyGLE is a fork of the excellent WiGLE WiFi Wardriving app with an additional publisher that ships the phone's observations to your own TLS-encrypted MQTT broker. From there, a sibling server-side project decodes and stores the data — the phone is the sensor, the server is the brain.

Why a community project?

Personal security isn't just door locks and passwords anymore — the air around your home is full of signals that tell a story. Most of that story is harmless: a neighbor's printer, a car's tire sensor, a visiting cousin's phone. But sometimes it's worth asking what is that, and having your own record to ask it from.

MyGLE exists so families, small communities, and privacy-conscious folks can answer that question with their own data, on their own terms. The app is open and runs on a phone you already own. The server side can be something you host yourself — or, eventually, something we host for you.

What's working today

2026-04-19 this afternoon — api.mygle.net is live.

• Public MyGLE REST API is live at api.mygle.net. Ships with Tier 2 anonymous device auth (each device registers a hardware-backed Ed25519 keypair with the server; no email ever required to hold an account), a real cell-tower search endpoint that joins per-user observations against a tower-position dataset (not a stub), and an account-gated auto-ingest toggle for CSV uploads (off by default for anonymous devices; on by default for Tier 1 accounts, user-togglable either way). Path shapes mirror the WiGLE API so existing tooling can point at MyGLE by swapping the base URL.
• Dual-mode URL resolution, shipped end-to-end. The app ships defaulting to WiGLE mode for continuity with the existing community workflow. Flip the drawer toggle to MyGLE mode and every network call — news, search, upload, registration, rankings, stats, CSV/KML export — routes to your chosen MyGLE server instead of api.wigle.net. Default MyGLE base URL is api.mygle.net; self-hosters paste their own URL in Settings. Mode flip is live, no restart. Our server is never a chokepoint — user bandwidth, user key, user tiles.
• MapLibre ambient tile cache (default behavior), shipped. The map now uses MapLibre in place of the inherited Google Maps SDK. MapLibre keeps its own on-device tile cache by default, so recently-viewed regions stay available offline automatically — no user action required. Tile style URLs and base URLs are user-configurable preferences; Esri World Imagery is the default satellite layer. Full user-facing cache controls (configurable size, TTL, clear-on-exit, storage inspector) are on the near-term roadmap — see below. No tile bandwidth touches MyGLE infrastructure.

2026-04-19 earlier today — architecture round.

• Two app modes, user-flippable anytime. MyGLE mode and WiGLE mode. Map sources, uploads, news, and rankings switch by mode; scanning and filter lists behave the same in both. The nav-drawer shows Mode: WiGLE or Mode: MyGLE — tap to flip. Not a one-time choice.
• Lists is a first-class menu item. Blacklist / Notify / Whitelist each get a dedicated card with live entry counts at the top-level nav drawer — no more hunting through settings.
• Filter-list badges in the network list. Devices on your Blacklist / Whitelist / Notify lists show a visual badge on their row, so you can see the filter is actually applying.
• Configurable add-to-list. Long-press a detected network and pick what to match on — exact BSSID, BSSID prefix, SSID only, or any combination. No more adding ten entries for one router.
• Crash reports go where you choose. Two paths, both opt-in: user-initiated email via the Android share sheet, and an opt-in MQTT crash_report_message publish that lands on your broker. Pick one, both, or neither. Zero third-party crash SDKs.
• Server backend grew beyond ingest. New REST endpoints for the MyGLE-mode experience: bounding-box observations for the map, global BSSID/SSID search, bulk upload for MyGLE-mode uploads, server-authored news, and a per-device dashboard. Full schema contract documented as a cross-project SSoT.
• End-to-end roundtrip smoke-tested. During the R5 cycle: +1102 observations captured on a Pixel 3 → published to the broker → ingested by the server → queryable via REST within seconds.
• Plugins are the architectural pillar. The phone collects clean observation data; plugins interpret it. Near-term plugins include a cell-tower anomaly / IMSI-catcher correlator, an Evil-Twin WiFi detector, and LLM-assisted natural-language analysis with your own API key (Anthropic, OpenAI, OpenRouter, or a local Ollama — you pick).

2026-04-18 yesterday — public-release prep.

• Credentials-clean public build. Stripped all internal broker host / IP pin / username / password defaults from the APK. The public build ships with nothing baked in — users configure their own broker (or use the public demo endpoint) on first MQTT enable.
• First-use MQTT disclosure dialog. The first time you turn on MQTT publishing, the app shows a non-cancelable dialog explaining exactly what's captured, what leaves the device, where it goes, and how to turn it back off. You have to tap Enable before any data leaves the phone.
• Opt-in by default. mqtt_enabled default = false. publish_ble default = false. Nothing transmits until you explicitly enable a destination.
• Self-hosted demo stack. One command — docker compose -f docker-compose.demo.yml up — boots a local Mosquitto broker + ingest + REST API so you can verify the full pipeline on your own machine.

v0.1.0 2026-04-17 — first field build.

The end-to-end pipeline is real and demonstrated: a Pixel 3 XL captures observations on a walk, ships them over MQTT (plaintext to a local broker during testing; TLS path via the server-side nginx proxy is in place), and the server writes them to SQLite. All four streams publish live during motion.

Demonstrated & tested:

• All four observation streams — BLE (with raw mfgData retained for server-side decode), WiFi beacons, cellular (LTE / NR / GSM / UMTS / CDMA), and per-satellite GNSS. Network-Survey-format JSON over MQTT.
• Three-mode filter lists — Blacklist (drop matched observations before any persist or publish — your own gear stays out of every destination), Notify (collect everything, but ping when a target appears — surveillance assistant), Whitelist (only collect matches — device hunting). Match by MAC, BSSID, SSID, or OUI prefix (AA:BB:CC:*).
• Add-to-filter shortcuts — long-press any detected network in the scanning list to send it straight into a filter list, or open the per-list management screen and add manually.
• Call Detail Record capture (opt-in) — when enabled, snapshots phone-call state transitions and durations (no phone numbers, no contents — uses READ_PHONE_STATE only).
• Re-skinned — action bar, page titles, and every screen read "MyGLE". Distinct launcher label from production WiGLE.
• Settings live inside Settings — the app's existing Settings screen has a new "MyGLE Publishing" section. Toggle publishing globally or per topic. Override broker host / port / auth / prefix. Set a device label.
• Stable per-device identity (UUID + human-readable label) for fleet-provisioning the same APK across many phones.
• UTC timestamps + IANA timezone field on every record so the server can render observation times in the user's local clock.
• Side-by-side install with production WiGLE (distinct application ID, zero state collision).
• Fully containerized build pipeline — no Android SDK on your host.

Shipped but not yet demonstrated in the field: the following code is in the build, but we haven't yet witnessed them fire during a real-world walk. Treat them as "expected to work, waiting on a real opportunity to confirm."

• Drone RemoteID detection — code watches for ASTM F3411 BLE advertisements and would fire a heads-up Android notification when one appears. No drone has been nearby during our testing windows yet, so this is shipped-as-intention, not shipped-as-proven.
• "Upload your way" button UX — components exist (WiGLE uploads, MQTT publishing, a local replay queue). A unified single-button experience that asks WiGLE / MQTT / both is the intent; the actual production UX is still being shaped.

Data we're already collecting that feeds future analysis (via plugins):

• Cell-tower anomaly / IMSI-catcher / Stingray-style detection inputs. The per-call CDR capture (timing + state transitions) plus the continuous stream of cell-tower observations (LTE / NR / GSM / UMTS / CDMA — band, tower ID, signal, neighbors) together provide the raw data an analytical plugin needs to spot a classic tower-spoof pattern: your serving cell suddenly downgrades to 2G right before a call, or a known location's tower ID changes mid-session. The collection is proven; the correlation plugin that turns those signals into a "you were just around a spoofed tower" alert is a near-term roadmap item, not shipped today.
• Evil-Twin WiFi detection inputs. The per-scan WiFi observations plus the device's per-location history of trusted APs is the raw data for a plugin that flags "this SSID is advertising with a new BSSID / new encryption" (classic Evil Twin). Again: data collected today; plugin pending.

The program's architectural position: the phone is a sensor that collects clean observation data; analytical plugins — server-side and/or app-side — are where raw data becomes meaningful insight. Plugins include LLM-assisted analysis with a user-provided API key (Anthropic, OpenAI, OpenRouter, or a local Ollama) so users who don't want a hosted backend can still ask natural-language questions against their own phone's local database. See the roadmap section for the two paths (server-side via MCP, app-side via BYO API key).

Full history in CHANGELOG.md; full backlog in ROADMAP.md. We try to be honest about what's proven vs. what's intention — if you see a claim on this page that doesn't match your experience of the build, tell us.

Privacy-focused features

MyGLE is designed for users who care what leaves their device and what stays on it. A few features serve that directly, both shipped today and on the near-term roadmap:

• Opt-in to every destination. Nothing leaves the phone unless you explicitly enable a destination and supply its address. No baked-in servers, no analytics, no crash-reporting SDKs, no Google Play install tracking.
• Two account tiers. Tier 1 is the easy path — email + optional password, magic-link recovery. Tier 2 is the email-less path — username + passphrase only, no email trail ever associated with the account. Recovery on Tier 2 is limited to your own registered devices; there's no "reset via email" because there's no email.
• Device roles. A phone can be registered as a Limited device — it publishes observations but cannot read server-side data (no search, no maps, no stats). Compromising a Limited device reveals the app and the broker address, nothing more. (Near-term.)
• Wire-only storage mode. Opt-in flag that bypasses the on-device database entirely — observations flow to the outbound queue and then to your chosen broker; no local history is kept. Device forensic analysis finds no observation record. (Near-term.)
• Configurable push triggers. Push only when on specific WiFi networks you trust (home, a particular café), only on cellular, only when charging, or combinations. Useful if you don't want traffic patterns to indicate where and when you are. (Near-term.)
• Hardware-backed device identity. Each device registers via a hardware-backed KeyStore keypair (with StrongBox where supported). Spoofing the identity requires physical possession + root; the key never leaves the phone's secure element. (Near-term.)
• Self-host everything. Run your own mygle-server — one docker compose up away — and no observation data touches third-party infrastructure.
• Server-side filter-list hosting (v2 roadmap) — your Blacklist / Whitelist / Notify entries live on the server instead of the device, so device forensics can't leak which SSIDs or BSSIDs you're watching.

Where it's headed

The short answer: make the privacy controls excellent, make the background behavior boring-reliable, and open up a server-side project so people don't have to stand their own up to get value.

Full backlog + architectural principles live in ROADMAP.md. If you'd like to suggest a priority, drop a note.

Build it yourself

The whole build runs inside a container — no Android SDK install required on your machine. If you can run Docker, you can build MyGLE.

git clone <repo-url> mygle
cd mygle/docker
./build-apk.sh

First build pulls Gradle, the Android SDK, and all dependencies into a named volume. Subsequent builds reuse the cache. The APK lands at:

wigle-app/wiglewifiwardriving/build/outputs/apk/debug/wiglewifiwardriving-debug.apk

Install via ADB:

adb install -r wigle-app/wiglewifiwardriving/build/outputs/apk/debug/wiglewifiwardriving-debug.apk

MyGLE installs under a distinct application ID (with a .mygle suffix on debug builds), so it runs side-by-side with production WiGLE without conflict. The launcher label shows as MyGLE so you can tell them apart.

Configure

Defaults are baked in — broker, TLS, all four publishers on. Override from inside the app (action bar overflow → mygle settings) for broker host/port/auth/topic-prefix, or set a human-readable Device label if you're fleet-provisioning multiple phones with the same APK.

A big thank-you to WiGLE

Say hello

Questions, ideas, RemoteID oddities you've spotted, or just interest in following along? Drop a note:

Email

hello@mygle.net

Mirror domain

mygle.org → redirects here.

Mail is hosted on a self-run Stalwart server — no third-party mailboxes, no training on your words, no surprise filters.