This is fascinating. I am very curious to find out what the actual cause of this turns out to be.
Bjartr 2 hours ago [-]
Based on that I'd guess either a meditation app company has figured out how to circumvent a lot of controls put in place by Apple, or it's a bug on Apple's side
a34729t 1 hours ago [-]
Or it is a mandated backdoor, and someone internally objected, and made it easier to exploit than it should be, or leaked how to exploit it?
8cvor6j844qw_d6 43 minutes ago [-]
> mandated backdoor
Probably one from the repository of backdoors "accidentally" introduced or "never" discovered.
The mechanism's there, just needs to be woven with other exploits.
_-x-_ 2 hours ago [-]
Yeah, I think the latter is more likely than the former. Perhaps a server side bug that's silently downloading the app on any device that's installed it previously?
donkey_brains 1 hours ago [-]
But why this one specific app and no others?
breppp 10 minutes ago [-]
Headspace leaves health data, that's where my first guess would be
_-x-_ 1 hours ago [-]
Right, that's what confuses me the most. I was very surprised to find the reddit thread showing that other people are also having this specific app silently installed on their devices.
aaron695 23 minutes ago [-]
[dead]
aaronbrethorst 22 minutes ago [-]
I wonder if U2, or Bono, has taken a significant stake in Headspace recently (kidding).
1659447091 27 minutes ago [-]
Do you use iCloud drive?
This might be a stretch as I am taking a guess at the implementation, but apps can sync with iCloud Drive and I keep getting app folders showing up after telling it not sync but the prefs reset after certain states(not quite sure when/how)-- it then creates a new sync folder when interacting with the app again. (after having turned off sync and deleting the folder -- once it resets)
I am wondering if that app had that feature (icloud drive syncing) and something of the reverse is happening. Where you have a document still on icloud drive from when you installed the app. Maybe there is some action or state change going on after interacting with drive on a mac or something similar. And now it's created the right circumstances for icloud drive to try and sync the file but there is no app on any device so it downloads the app instead since it's missing and there is some dangling file looking for its home.
_-x-_ 15 minutes ago [-]
It still doesn't make sense why the app started silently downloading itself 3 days ago when I haven't had it installed in over a year. I do use iCloud drive but do not see anything related to the app inside of it.
1659447091 12 minutes ago [-]
Did you update iOS before it started happening? Wondering if they may have introduced a regression that is now trying to re-sync everything after the last update (sync files may be hidden, I set files to always show)
yokuze 1 hours ago [-]
Do you have Settings > Apps > App Store > (Automatic Downloads) App Downloads turned on?
I noticed apps appearing on my Home Screen I’d never heard of before. Turns out with that setting and Family Purchase sharing turned on, every time my wife installed a new app, it installed on my phone too.
That may not be your exact scenario, but I wonder if turning off that Automatic App Downloads setting (if enabled) changes anything. Could give you a clue, if so.
_-x-_ 1 hours ago [-]
App Downloads and App Updates are both turned off. I don't have anyone else's devices on my account, just me. Thank you for the suggestions though!
NetOpWibby 2 minutes ago [-]
_Severance intensifies_
con 10 minutes ago [-]
Just checked and it also installed itself on my phone. iPhone 17 Pro, non-US App Store, on latest iOS beta, no MDM. Sounds like an Apple Store bug to me.
COFyumo 1 hours ago [-]
I have the same exact thing happening. I deleted the app a few days ago when was surprised to see it in my app list.
I had previously downloaded the app but and removed it because I never used it. A few days ago I noticed the app when browsing through my app list and thought maybe I didnt delete it properly, so I made sure to delete it. Then this morning my iPhone updated software versions and I found he Headpsace app again on my home, except this time it was grayed out and waiting for me to go on wifi to download.
I just deleted it again but am equally dumbfounded
_-x-_ 18 minutes ago [-]
That's interesting that it still showed up on your homescreen despite not being able to download
bastawhiz 47 minutes ago [-]
Do you have MDM enabled on your device? Does your company offer Headspace as a perk and some arcane set of sketchy business agreements led to auto install policy in your company's MDM solution?
_-x-_ 19 minutes ago [-]
No MDM installed
a34729t 1 hours ago [-]
I would call Apple support; you might even get an engineer call you back. I am sure they would love to know what the hell is going on.
janstice 3 hours ago [-]
Is your phone connected to some work mobile device management? I could imagine someone has a jinxed Jamf or intune rule that is pushing things out.
_-x-_ 3 hours ago [-]
No, this is my personal device. It has never been connected to any MDM.
Schiendelman 2 hours ago [-]
Have you actually checked your device management settings?
_-x-_ 2 hours ago [-]
Yes. In Settings > General > VPN & Device Management, it says 'Sign in to Work or School Account'. Is there a different device management setting that I should be looking at?
Schiendelman 2 hours ago [-]
That's the one. I was worried you might have something you didn't know about!
teruakohatu 2 hours ago [-]
Yes, there are alt app stores that try to get you to agree to installing a MDM
k310 3 hours ago [-]
Did you ever install it, or Ginger?
An app store search also turned up "Headspace Care" (Ginger)
Ginger is now Headspace Care
It would be beyond malware for an app to install itself, since there's that app store hurdle to leap. (IMO)
_-x-_ 3 hours ago [-]
I installed the app in March of last year, and then deleted it the same day because I didn't want to pay for the subscription
DavideNL 25 minutes ago [-]
@_-x-_: "Settings > App Store > Show Install Confirmations > On".
Maybe that helps?
altairprime 25 minutes ago [-]
The iOS reviews for the app also confirm this story affecting others.
treexs 2 hours ago [-]
this is the plot of Persona 5
rootsudo 1 hours ago [-]
He can be the joker we need.
efilife 31 minutes ago [-]
how heavy of a spoiler is this? I wanted to play it
applfanboysbgon 11 minutes ago [-]
It's not really a spoiler. It is something that happens near the beginning of the game.
rglover 3 hours ago [-]
If you've ever installed any companion app on your desktop macOS, your phone will try to sync apps (I think the same with Apple TV). Caught me off guard a few times.
_-x-_ 3 hours ago [-]
No, I've never downloaded it on my desktop. It appears that I downloaded it onto my phone over a year ago (I got an email in my inbox), but didn't want to pay for it so I deleted it.
mandeepj 3 hours ago [-]
How did you find that? Any notification?
_-x-_ 3 hours ago [-]
It just appears on my homescreen
psynixx 4 hours ago [-]
I’ve been getting this too, same app same behaviour…
Anyone been able to figure out what is causing this?
_-x-_ 3 hours ago [-]
Have you downloaded the app before?
meloyc 1 hours ago [-]
jailbreak phone?
_-x-_ 20 minutes ago [-]
Negative
3 hours ago [-]
lovich 2 hours ago [-]
Guess the corporations are taking the mask off.
And before anyone accuses me of being paranoid, this should have never been possible.
The fact that it’s happening shows that they always had the ability and either made a mistake to show their hand now or stopped giving a shit if we cared.
firecall 6 minutes ago [-]
> The fact that it’s happening shows that they always had the ability...
That may not be the case here, and certainly isn't the assumption we can make more generally.
We regularly see regressions in platform security.
anon84873628 1 hours ago [-]
At least they're exposing their nefarious plans for the purposes of... Offering people mental healthcare?
It's probably just some Apple bug.
lovich 19 minutes ago [-]
Why did a mental healthcare company have the ability to exploit this?
Do you think they accidentally found this 5 seconds before their exploit was launched or do you think they might have actually put some effort into doing this since they are an organization of people.
kennywinker 5 minutes ago [-]
I am pretty skeptical it’s intentional. Very risky move. If they make apple look bad they can say goodbye to getting featured in the app store, or could even get pulled from the store completely.
I can see a fucked up ceo greenlighting a trick to get their app installed on your phone without asking. I can’t really see them having it repeatedly download.
I suspect it’s a bug, or worst case a backdoor that’s been triggered with a commercial app instead of spyware accidentally or “accidentally”.
lovich 1 hours ago [-]
[flagged]
slater 1 hours ago [-]
Please don't comment about the voting on comments. It never does any good, and it makes boring reading.
When this forum handles the bot and propaganda problem I might consider those rules.
Currently we are inundated by accounts who don’t give a shit and make a new automatically 3 seconds after their flagging.
As long as those accounts are allowed I don’t really care for the stated rules that aren’t actually enforced.
throwaway5465 3 hours ago [-]
Maybe a competitor is trying to FUD them?
_-x-_ 3 hours ago [-]
I would imagine that this isn't (or at least shouldn't be) possible based on Apple's security. The app is automatically downloading to my phone without my permission.
xinji-standard 3 hours ago [-]
[dead]
Rendered at 05:07:14 GMT+0000 (Coordinated Universal Time) with Vercel.
Probably one from the repository of backdoors "accidentally" introduced or "never" discovered.
The mechanism's there, just needs to be woven with other exploits.
This might be a stretch as I am taking a guess at the implementation, but apps can sync with iCloud Drive and I keep getting app folders showing up after telling it not sync but the prefs reset after certain states(not quite sure when/how)-- it then creates a new sync folder when interacting with the app again. (after having turned off sync and deleting the folder -- once it resets)
I am wondering if that app had that feature (icloud drive syncing) and something of the reverse is happening. Where you have a document still on icloud drive from when you installed the app. Maybe there is some action or state change going on after interacting with drive on a mac or something similar. And now it's created the right circumstances for icloud drive to try and sync the file but there is no app on any device so it downloads the app instead since it's missing and there is some dangling file looking for its home.
I noticed apps appearing on my Home Screen I’d never heard of before. Turns out with that setting and Family Purchase sharing turned on, every time my wife installed a new app, it installed on my phone too.
That may not be your exact scenario, but I wonder if turning off that Automatic App Downloads setting (if enabled) changes anything. Could give you a clue, if so.
I had previously downloaded the app but and removed it because I never used it. A few days ago I noticed the app when browsing through my app list and thought maybe I didnt delete it properly, so I made sure to delete it. Then this morning my iPhone updated software versions and I found he Headpsace app again on my home, except this time it was grayed out and waiting for me to go on wifi to download.
I just deleted it again but am equally dumbfounded
An app store search also turned up "Headspace Care" (Ginger)
Ginger is now Headspace Care
It would be beyond malware for an app to install itself, since there's that app store hurdle to leap. (IMO)
Maybe that helps?
And before anyone accuses me of being paranoid, this should have never been possible.
The fact that it’s happening shows that they always had the ability and either made a mistake to show their hand now or stopped giving a shit if we cared.
That may not be the case here, and certainly isn't the assumption we can make more generally.
We regularly see regressions in platform security.
It's probably just some Apple bug.
Do you think they accidentally found this 5 seconds before their exploit was launched or do you think they might have actually put some effort into doing this since they are an organization of people.
I can see a fucked up ceo greenlighting a trick to get their app installed on your phone without asking. I can’t really see them having it repeatedly download.
I suspect it’s a bug, or worst case a backdoor that’s been triggered with a commercial app instead of spyware accidentally or “accidentally”.
https://news.ycombinator.com/newsguidelines.html
Currently we are inundated by accounts who don’t give a shit and make a new automatically 3 seconds after their flagging.
As long as those accounts are allowed I don’t really care for the stated rules that aren’t actually enforced.