-fobjc-arc I can't say I've heard of as a security tool. It changes the memory model used by the code (manual reference counting vs. ARC), almost all of GTM was written before ARC existed and in some cases, code manual reference counting can be useful as it provides better performance compared to the retain/releases ARC will insert.
If you are using Firebase, I believe that means you get the compiler settings via Cocoapods, I'm not sure if there is a good way to have it wedge in -fstack-protector-all or it has an option to always do it. That might take a little research to see how to make it work through the method you are integrating code from here.
TVL