A digital nomad working remotely from an undisclosed country discovered their MacBook's weather widget was showing their actual location despite using a VPN with kill switch—a potentially career-ending leak for remote workers whose employers think they're home.
The incident reveals that even experienced digital nomads with years of VPN setups can be caught by unexpected location leaks, particularly in Apple's ecosystem.
The Setup That Should Have Worked
The nomad had a solid technical setup that had worked flawlessly for over four years: - Raspberry Pi running as an OpenVPN server at home - GLiNet router as VPN client with kill switch enabled - MacBook with location services disabled - Location in "the absolute middle of nowhere" with no other WiFi networks for weeks
Every IP check service showed the home location. Google Maps showed home. Apple Maps showed home. By all standard measures, the VPN was working perfectly.
Then the weather widget betrayed them.
When Your Widget Knows Where You Really Are
"Today when I turned my work MacBook on, the weather widget was showing suggestions for places which are at my actual location," they wrote. Even more concerning: their partner's MacBook—used for a completely different company—had the exact same issue on the same day.
This rules out account-level problems or company policy changes. Something in the Apple ecosystem was leaking location data in a way that bypassed traditional VPN protection.
The Theories About What Went Wrong
The digital nomad community offered several potential explanations:
Bluetooth location sharing: The partner has an iPhone with GPS. If the MacBooks were syncing location via Bluetooth through iCloud, this could explain the leak—even with location services "disabled" on the laptops.
iCloud location sync: Apple devices in the same ecosystem may share location data through iCloud in ways that bypass VPN routing.
DNS-based location: Some services use DNS queries to estimate location. If the nomad's Starlink connection (which doesn't have a local IP for the country they're in) made DNS requests, certain services might infer location from response times or routing.
Apple's "location suggestions" algorithm: The weather widget may use multiple signals beyond just IP address—WiFi networks detected (even if not connected), Bluetooth beacons, or device proximity.
Why This Matters for Digital Nomads
For digital nomads working remotely without employer knowledge of their location, a leak like this could be devastating:
- HR software might detect location discrepancies - Time zone stamps on internal communications could raise questions - Security teams monitoring device locations could flag anomalies - Tax and legal compliance issues if work location differs from stated residence
The nomad emphasized they're on a KITAS (Indonesian work permit), speak Indonesian, and are legally residing abroad—but many remote workers operate in legal gray areas where employer discovery could mean termination.
How to Prevent Apple Location Leaks
Digital nomads in the thread offered hardening advice:
Disable location services at the system level, not just per-app. Go to System Preferences > Security & Privacy > Privacy > Location Services and turn it completely off.
Sign out of iCloud on work devices, or use separate Apple IDs that aren't linked to personal devices with GPS.
Don't keep personal iPhones with GPS near work laptops. Physical proximity can enable Bluetooth and WiFi-based location sharing.
Test your location fingerprint regularly. Use multiple services beyond IP checks: browser fingerprinting tools, time zone detection, and DNS leak tests.
Use cellular VPNs for phones, not just router-level VPNs. If your phone is leaking your real location, it can share that with nearby Apple devices.
Consider non-Apple ecosystems for work devices. Windows or Linux laptops may have fewer cross-device location-sharing features.
The best travel isn't about the destination—it's about what you learn along the way. And what digital nomads are learning is that traditional VPN setups aren't enough in the Apple ecosystem—you need to actively prevent device-to-device location sharing that happens at layers most people don't even know exist.
