For example, some applications expect each device to have a unique, permanent address instead of a randomly-generated changing one.
For example, Zuniga said, hotels that charge for Wi-Fi may use this address to identify the device as being paid up for the next 24 hours.
"And if your identifier changes, you would have to pay again," he said.
Another possible complication is if an enterprise uses these identifiers for authentication into corporate networks.
Developers who have become accustomed to using MAC addresses in this way should start planning for alternate identification mechanism, which could include secure tokens or standalone apps.
Zuniga pointed to recent news reports about international business travelers targeted by espionage as evidence that this security hole needs to be plugged.
"Whether it's an intelligence agency or a commercial entity doing non-privacy-friendly practices -- or a criminal -- for us, it doesn't make a difference," Zuniga said. "Anywhere you have these Wi-Fi identifiers today, anyone with simple PC tools can open them up and start sniffing the air."
Sign up for Computerworld eNewsletters.