The characterization of the adversary here being some malicious third party, though traditional, is something of a bogeyman as far as actual risk is concerned. Institutions running large mesh networks are in a privileged position to track users in this way.<p>At Brown University, complete connection logs for each wireless access point have been kept for no less than two years. A group of students last year were given this data and produced a (historical) map of student movement. There is no reason to believe that the University could not or is not rendering such a map in real-time.
Neat idea.<p>As a general aside, when publishing documents that start off as LaTeX, putting them on Github (or some other Git hosting service) would potentially allow others to contribute corrections. There are a bunch of typos in the paper that would be trivial to correct, but of course there's no easy way to submit corrections to a PDF.
I have made something at least similar.<p>There is another post on my site about integrating live visualization with D3 as well.<p>I found that the metadata pertaining to signal strength to be too variable based on device manufacturer to be accurately used for a distance calculation without a lot of individual fine tuning or at the very least triangulation.<p>Triangulation runs into its problems though because of the inaccuracies of usb timing.<p><a href="http://www.coderecon.com/pages/post_4" rel="nofollow">http://www.coderecon.com/pages/post_4</a>
Interestingly, Apple has already started randomizing MAC addresses [1] on iOS (8?) and newer devices. Though maybe not quite as successfully as it seemed at first.<p>[1] <a href="http://www.imore.com/closer-look-ios-8s-mac-randomization" rel="nofollow">http://www.imore.com/closer-look-ios-8s-mac-randomization</a>