Is MAC whitelisting anything but security theater? Isn't it trivial to determine a valid client MAC then spoof it?