In the US, at least, tampering with cell service risks getting the FCC involved, so very few people do it compared to WiFi hacking.
I'm very curious, for example, if the devices that connect to these APs are vulnerable to the WiFi client isolation bypass that was disclosed about a week ago.[1] That seems a lot scarier when there are potentially thousands of random people's personal phones connecting to the same WiFi infrastructure instead of a bunch of more or less trusted corporate devices in an office.
AP isolation is usually off for all but big hotspots in my experience. This will be a problem for people using AP isolation for preventing their IoT from connecting to other devices in their network, assuming their IoT is malicious, but other than that the risk seems to be mostly with professional/corporate networks.
The tools used, and a more readable description of the actual attack.