- VULN-012: Split STATUS into minimal (unauthed: hostname, uptime,
rssi, version, motion, presence) and full (authed: all internals,
build info, target IP, heap, NVS stats)
- VULN-011: Remove mDNS service advertisement and hardcoded "ESP32 CSI
Sensor" instance name; use hostname only
- VULN-021: Increase HMAC tag from 64 bits (16 hex) to 128 bits
(32 hex) — BREAKING: client scripts must update HMAC computation
- VULN-023: Enable PMF (802.11w) in sdkconfig.defaults to prevent
deauth attacks at protocol level
57927c7c22