Alan Browne wrote on Thu, 30 May 2024 19:18:55 -0400 :

> The "general" case is that it is absolutely not an Apple issue.
> SSID/BSSID's are OPENLY AND LOUDLY BROADCAST WORLDIWDE IN THE BILLIONS.

The fact is you're defending Apple's holes, to the death, no matter what.

Every desperate excuse you make for the flaws in Apple's implementation
show you not understand what only Apple does that's different here.

Worse, you were not aware the outward facing MAC address cannot be cloned
(in almost all routers and particularly in the tested travel routers).

And you were not aware that the SSID is meaningless for this exploit, other
than the workaround that Apple suggested (of appending _nomac to the SSID).

Furthermore, you're still not aware that a "hidden broadcast" has been a
feature of nearly every router since the dawn of Wi-Fi, where the mere act
of clicking that checkbox prevents the BSSID from being *uploaded* to the
Google and Apple and Mozilla and Wigle databases, by default. (See notes in
the sig, given the Apple religious zealots don't understand this issue).

While you're frantically desperate to fabricate excuses for Apple's
vulnerabilities, you don't ever show any understanding of them.

Notes in the sig given Apple religious zealots don't understand anything.
--
Note 1: The hidden broadcast won't hide the BSSID from a seasoned attacker
(such as a Google or Apple transit vehicle - depending on how its code is
written); but the mere act of hiding the SSID broadcast packet has been
proven to prevent the normal users' device (i.e., mobile phones) from
uploading your BSSID using the typical software that we are speaking about

Note 2: Since the Apple religious zealots act only out of franctic
desperation to make excuses for all Apple's vulnerabilities, it should be
noted that an intelligent person knows the difference between the upload of
the BSSID (which is a first-order issue) vs the deletion of the BSSID from
the Internet databases (which requires second-order software processing).

Note 3: There's no way the Apple religious zealots will understand the two
notes above, but for the intelligent people reading this thread, it should
be noted that if you do hide your broadcast packets, then you often might
want to set your client (such as a phone) to "remember" and "reconnect";
but this has other issues - where the Apple zealots won't understand but
you might understand that the "remember" is fine (unless you're worried
about your phone being stolen) but the "automatic reconnect" should be
turned off because that setting causes the phone to seek out the named AP.