External Publication
Visit Post

Wherefam

Privacy Guides Community [Unofficial] May 29, 2026
Source

dada_goose:

Any privacy/security red flags to consider?

Plenty:

github.com/WhereFam/WhereFam-iOS

app/Manager/LocationManager.swift

e6067f5c8

    4. @MainActor


    5. final class LocationManager: NSObject, ObservableObject {


    6.     static let shared = LocationManager()


    7.     @Published var userLocation: CLLocation?


    8.     @Published var authorizationStatus: CLAuthorizationStatus = .notDetermined


    9.     @Published var currentPlaceName: String?


    10.

    11.     weak var rpc: RPCViewModel?


    12.

    13.     private let manager  = CLLocationManager()


    14.     private let geocoder = CLGeocoder()


    15.     private var lastBroadcast: CLLocation?


    16.     private var lastGeocode: CLLocation?


    17.     private var continuations: [UUID: AsyncStream<CLLocation>.Continuation] = [:]


    18.

    19.     private override init() {


    20.         super.init()


    21.         manager.delegate = self


    22.         manager.desiredAccuracy = kCLLocationAccuracyBest


    23.         manager.distanceFilter  = kCLDistanceFilterNone  // accept all updates in simulator


    24.         manager.activityType    = .other

Line #14 states this:

private let geocoder = CLGeocoder()

That contacts Apple’s geocoding servers to convert coordinates into a human-readable place name.

github.com/WhereFam/WhereFam-KMP

iosApp/iosApp/Info.plist

8a82b9b2b

    7. 	<key>NSAppTransportSecurity</key>


    8. 	<dict>


    9. 		<key>NSAllowsArbitraryLoads</key>


    10. 		<true/>

github.com/WhereFam/WhereFam-iOS

project.yml

e6067f5c8

    61. NSAppTransportSecurity:


    62.   NSAllowsArbitraryLoads: true

The latter line disable Apple’s App Transport Security globally, allowing the app to make unencrypted HTTP connections to arbitrary endpoints.

github.com/WhereFam/WhereFam-iOS

project.yml

e6067f5c8

    12. MapLibreNative:


    13.   url: https://github.com/maplibre/maplibre-gl-native-distribution


    14.   from: 6.25.0

github.com/WhereFam/WhereFam-iOS

project.yml

e6067f5c8

    91. - package: MapLibreNative


    92.   product: MapLibre

MapLibre uses external map tile servers, so the claim of the app not using servers is false.

github.com

GitHub - WhereFam/WhereFam-iOS: Find friends and family globally, securely, and...

Find friends and family globally, securely, and privately without middle-man

Roadmap

  • Group Based location sharing
  • Places alerts
  • Location History
  • Local Roadside Assitance
  • SOS alerts / Emergency services

The major problem with this roadmap is that crucial safety features are listed at the very end of it instead of at the beginning. The “Assitance” typo is minor.

I can list more, but I believe I have done enough damage in this topic.

Discussion in the ATmosphere

Loading comments...