When your tablet or any other wireless device first connects to your router, there’s a good deal of handshaking that occurs before access is granted. Any competent network hacker could sniff a few of the packets that transmit between your device and your router and extract the MAC address from the headers. If that’s the the ONLY protection you have, they can now spoof your MAC address and gain access to your device. MAC address spoofing is really not difficult, and there are publicly-available tools to do it on the Internet.
What you’re describing is what my network engineer buddy calls “MAC splat” where a device just spams an AP with MAC traffic if that’s the only thing keeping the device off the network. MOST APs, even consumer-grade, have DDOS protections that would log these attempts and block the originator for minutes or hours, depending on the setting.
If you have other safeguards in place such as WPA2 AES encryption, hidden SSID, and you’ve turned off things such as WPS, then you’re as safe as you will ever be without configuring additional authentication infrastructure. Just remember that all of the negotiation process happens in clear text, so if you’re connecting to a wireless device for the first time, know that information such as your MAC address is being distributed in the handshaking packets, and there’s really little you can do about it.
Thanks for the further information.
> ...could sniff a few of the packets that transmit between your device and your router and extract the MAC address from the headers.
I didn’t think about that address too being transmitted through the air. Obviously it would have to be.
> If you have other safeguards in place such as WPA2 AES encryption, hidden SSID, and you’ve turned off things such as WPS...
I do have that encryption, and had turned off WPS after reading about problems with that previously. I notice that I have SSID Broadcast enabled, but I’ll disable it. Thanks.