In fairness to Apple, the feature wasn’t useless, because it did prevent passive sniffing by devices such as the above-referenced CreepyDOL. But the failure to remove the real MAC from port 5353/UDP still meant that anyone connected to a network could pull the unique identifier with no trouble.
The fallout for most iPhone and iPad users is likely to be minimal, if at all. But for people with strict privacy threat models, the failure of these devices to hide real MACs for three years could be a real problem
Are there other phones that successfully obscure the MAC when connected to WiFi networks?
Are there other phones that successfully obscure the MAC when connected to WiFi networks?
It’s my understanding the Android equivalent works.
Has anyone tested or scrutinized it?
Nah.
Apple: BAD!
No need to think any further.
The researchers who discovered the issue literally checked on android.
Every Android phone running Android 10 or newer, but Android 8.0 already randomised MAC addresses for networks not associated with the devices.
What does that mean?
Networks not marked as trusted IIRC.