
It's "Passpoint" and uses certificate-based 802.11x auth; there's really nothing to worry about except calls dropping due to Wifi switchover. Whitepaper from Aruba here: Solving the Indoor Wireless Coverage Problem: Passpoint and Wi-Fi Calling https://www.arubanetworks.com/assets/wp/WP_Passpoint_Wi-Fi.p...


> What analytics can a network extracxt [sic] from Passpoint traffic?

> Generally speaking, the local network will have visibility of the same client traffic it would see on any guest network, but it will not have visibility of the subscriber identity or any persistent identifiers other than the associated device’s MAC address

> From an analytics perspective, the major benefits of Passpoint are that it creates a much larger and more complete picture of visitor activity. Since a much higher percentage of visitors will be automatically associated with the network and their behavior and traffic will be visible to the local network, the value of any location, business, and security analytics in use will be improved.

... so the temporary host can theoretically MITM the connection and that's a feature? They don't just VPN everything from the phone to the ISP? :/

Sure, most traffic should be encrypted, but your neighbour could still see (and block) e.g. traditional DNS requests. Are DoH or DoTLS enabled by default yet under iOS?

Not great, IMO. :/


I'm pretty sure this kills all the MAC address randomisation and anonymized WiFi scanning features built into iOS when walking across a covered area. They've put all this effort in not being able to trace single phones through buildings and squares with randomised identifiers and then decided to automatically associate with magical networks, solidifying the MAC address for an extended period of time, bringing back the real-time tracking of unsuspecting people. Quite disappointing, in my opinion.


> there's really nothing to worry about except calls dropping due to Wifi switchover

When this happens: (my = family)

1) my devices are no longer behind my firewall or pihole

2) my devices can no longer access PLEX

3) my devices can no longer access my security system, cameras, etc

4) airdrop will fail

My network is my network. When I’m at home I want my devices to be on my network, not randomly dropping out and connecting to random hotspots multiple floors/houses away.


That's nice but when carriers abuse shitty home routers for these WiFi APs the networks are absolutely not to be trusted.



