I seem to be getting a lot of false positives without a locally administered MAC addresses support. It's unnecessary, and can be unsettling for the less tech-savvy users of some of our shared household laptops.
This is what I mean by false positives:
We have several desktop PCs on VPN and they generate locally administered MAC addresses upon each new and refreshed VPN connection. These are MACs with 2, 6, A, and E the first octet (see here for details). These are randomly generated, non-repeating local virtual MAC addresses for the sole purpose of secure VPN anonymity.
Simply put, WiFi Guard currently has no concept of locally administered MACs, but should. In this day and age of network security, VPN is becoming more common as are randomized local virtual MAC addresses.
WiFi Guard needs to be updated with an option to ignore or consider safe, locally administered MAC addresses, at the user's discretion. I have found no other software that yet understand the concept and the innocuous nature of VPN-related locally administered MACs. If WiFi Guard gets this feature, it will be one of the most popular monitoring utilities. It's understandable that you didn't initially put the feature in, but as I said earlier, local virtual MACs are on the rise.