The article points out that the the Apple API (but not the Google API) leaks a large set of local BSSIDs, affording a surveillance that Google does not.

@geektoybox @briankrebs