Knowing the MAC makes the attack reasonable - let's say 5 hours compute for 3080Ti.
Not knowing the MAC makes it exponentially harder. You can still "guess" it, but the search-space is vast and that would take bazillion-years.
So to attack iOS device:
- user has to download the app
- app has to broadcast fake BLE
- some other devices (e.g. Android/RasPi would need to pickup that MAC and pass it to you
Knowing the MAC makes the attack reasonable - let's say 5 hours compute for 3080Ti.
Not knowing the MAC makes it exponentially harder. You can still "guess" it, but the search-space is vast and that would take bazillion-years.
So to attack iOS device: - user has to download the app - app has to broadcast fake BLE - some other devices (e.g. Android/RasPi would need to pickup that MAC and pass it to you