I investigated the tablet filesystem a bit further and found out that wpa_supplicant was not the only binary that had access to WiFi config - there was another! p2p_supplicant could be abused to the same effect but even if it became corrupt, it wouldn't matter because the Wi-Fi Direct features it provided would fail silently and were never used on this tablet.

I was ready with my 1.1 app now!

I sent it to an eager beta tester/neighbor and awaited results.

... and then I got foiled by chocolate.

It turned out of all the neighbors I could have sent my WiFi password revealer app to, the one that volunteered had a tablet running not Jelly Bean but Android OS 4.4.2 KitKat which was the last officially supported OS on the Galaxy Tab 3 10.1.

AND THERE WAS NO LONGER A SEPARATE P2P_SUPPLICANT BINARY ON IT!!!!!1111111

I coded my app so it would show a "Device unsupported" warning and it triggered, preventing my neighbor from experiencing my awesome app.

I needed to take a break and regroup.