I seem to be getting a lot of false positives without a locally administered MAC addresses support. It's unnecessary, and can be unsettling for the less tech-savvy users of some of our shared household laptops.
This is what I mean by false positives:
We have several desktop PCs on VPN and they generate locally administered MAC addresses upon each new and refreshed VPN connection. These are MACs with 2, 6, A, and E the first octet (see here for details). These are randomly generated, non-repeating local virtual MAC addresses for the sole purpose of secure VPN anonymity.
Simply put, WiFi Guard currently has no concept of locally administered MACs, but should. In this day and age of network security, VPN is becoming more common as are randomized local virtual MAC addresses.
WiFi Guard needs to be updated with an option to ignore or consider safe, locally administered MAC addresses, at the user's discretion. I have found no other software that yet understand the concept and the innocuous nature of VPN-related locally administered MACs. If WiFi Guard gets this feature, it will be one of the most popular monitoring utilities. It's understandable that you didn't initially put the feature in, but as I said earlier, local virtual MACs are on the rise.
Thank you for your feedback and suggestion. We have added a setting that allows you to automatically mark devices with locally administered MAC addresses as known.
Please download the latest version, then go to Settings - Whitelisting, and enable the "Automatically mark locally administered addresses as known" setting. After that, all future scans should treat those devices as known and not bother you with pop-ups.