Bluetooth desperately needs mac randomization. Wifi mac randomization is welcome, but it doesn't do much when many (most?) people have bluetooth accessories broadcasting a persistent identifier whenever they're on.

> Bluetooth desperately needs mac randomization.

Bluetooth already has a well developed MAC randomization scheme.

Lookup "resolvable private address". The short of it is, your phone can find your headphones or vice-versa, despite one or both having random addresses. The addresses can be regenerated or rotate at an interval (say 15 minutes). The first part of the address is a nonce (pRand), and the rest of the address is a 24-bit hash of pRand with an identity resolving key (IRK). So the other party just listens passively for addresses, and sees if any of them happen to have the right hash.

I don't think this is as airtight as people think it is. Certainly, if you are following somebody and one address disappears right as another appears (rotation), it's quite easy to infer the new/old addresses belong to one device. I tried briefly to convince the Android developers to synchronize that rotation globally.

You can also probably infer that if you see a pair of random MACs arrive, and they have a certain pattern of timing and payload size, you can say with some certainty that they are particular devices, say an iPhone and an Apple Watch. But that requires sophisticated equipment since most Bluetooth LE communication is over a non-cryptographic frequency hopping arrangement.

Lastly, radio fingerprinting is widely known in academia, but requires special equipment.

Random Bluetooth MACs are already possible. iOS devices have been doing it for years alongside the random Wi-Fi MACs.