I googled around and found a couple reddit threads with people reporting the exact same thing starting 2 or 3 days ago. There were reports from people on iPhone 12 and iPhone 17 so it doesn't seem device-specific.
Anyone else seeing this? Does anyone understand how or why this is happening?
if it is, in fact, something nefarious at play that would be a pretty crazy 2026 era exploit. but i'm certain it's a bug/artifact of some sort that, for whatever reason, affects this specific app.
It's hard to imagine what Headspace would like to achieve if this were an exploit executed by them. It's so salient, that it makes no sense to do on purpose. At least some portion of Apple employees and their families are going to be affected by this, and this would escalate to the legal department immediately.
My money is on Apple being the buggy one here.
Yeah I'm thinking some sort of test artifact bleeding into prod and subject so some nightly process is likely the case.
Probably one from the repository of backdoors "accidentally" introduced or "never" discovered.
The mechanism's there, just needs to be woven with other exploits.
In 2017 it was an endless crash loop caused by any app with local time-based notifications.... Which for almost everyone at the Apple store I visited was meditation apps with daily meditation reminders (in Australia we were among the first to wake up on that affected date. The fix went out before most of the remaining world woke up)
I wonder if the daily reminder is triggering a reinstall? Perhaps try disabling the reminders before uninstalling.
I noticed apps appearing on my Home Screen I’d never heard of before. Turns out with that setting and Family Purchase sharing turned on, every time my wife installed a new app, it installed on my phone too.
That may not be your exact scenario, but I wonder if turning off that Automatic App Downloads setting (if enabled) changes anything. Could give you a clue, if so.
Now imagine you’re roaming during a 10-day vacation…and you think you’re in control :) …
I had previously downloaded the app but and removed it because I never used it. A few days ago I noticed the app when browsing through my app list and thought maybe I didnt delete it properly, so I made sure to delete it. Then this morning my iPhone updated software versions and I found he Headpsace app again on my home, except this time it was grayed out and waiting for me to go on wifi to download.
I just deleted it again but am equally dumbfounded
Damned if you pay them, damned if you don't.
This might be a stretch as I am taking a guess at the implementation, but apps can sync with iCloud Drive and I keep getting app folders showing up after telling it not sync but the prefs reset after certain states(not quite sure when/how)-- it then creates a new sync folder when interacting with the app again. (after having turned off sync and deleting the folder -- once it resets)
I am wondering if that app had that feature (icloud drive syncing) and something of the reverse is happening. Where you have a document still on icloud drive from when you installed the app. Maybe there is some action or state change going on after interacting with drive on a mac or something similar. And now it's created the right circumstances for icloud drive to try and sync the file but there is no app on any device so it downloads the app instead since it's missing and there is some dangling file looking for its home.
I'm currently with a 13 mini (26.4.2), never had this app installed, and am not encountering this issue.
https://appgoblin.info/apps/493145008/sdks
I see normal development and tracking SDKs. If anyone sees something interesting let me know.
Even analytics SDKs is a bit weird to see. Are Amplitude or Sentry hosting data with a healthcare compliant infrastructure ? I won’t bet. Are those SDKs for sure not leaking health care data? It can be inadvertently, especially with Sentry. But I really wonder about why people feel the need to track so much. Do they **** in front of PowerPoint slides showing the tracking data or is it to sell user data?
My trust is very low. Having healthcare data in a Sentry payload by mistake happens to the best of us.
I’m on the 26.5 beta and not seeing it at all.
An app store search also turned up "Headspace Care" (Ginger)
Ginger is now Headspace Care
It would be beyond malware for an app to install itself, since there's that app store hurdle to leap. (IMO)
> Automatic downloads are turned off
Isn't it funny that we're so used to the misuse of language (ie lies) that this isn't even a point? I'm talking about software flags to represent your choices, that are merely an 'aspirational intention' and don't actually correlate with reality.
In my world, it shouldn't be possible to override 'turned off automatic downloads'. 'Off' shouldn't be a pacifier for the user, while Apple, Google or whoever can continue installing whatever they like. This isn't what words mean. There isn't actually a choice, but it misleads you into thinking there is. I'm sure there are legal words around this in the "ownership" contract, but "off" can't really mean "on".
Maybe that helps?
- https://old.reddit.com/r/iPadOS/comments/1prkpaq/can_i_turn_...
- https://www.reddit.com/media?url=https%3A%2F%2Fpreview.redd....
Off topic, put P5 as a game doesn't really care about spoilers much, there is one specific story telling gimmick that will screw with you if you're really sensitive to these kind of things.
They are drowning in tech debt. Here are two main issues I have with my iPhone/iOS: I can't search for the telegram app. It doesn't show up. It shows fine on the iPad. Also just a few minutes ago, app search decided not to work. I usually use it to pull my Wallet to pull my card. It was an awkward moment as I had no idea where the wallet app actually is.
I have lost count of the minor polish issues. The experience has degraded so much that you no longer care.
You can intentionally hide apps from search. If you did this, it’s not very obvious that its hidden from search unless you dig for the setting. Similarly, “hidden” apps refuse to show up in search results anywhere, even in settings.
It's probably just some Apple bug.
Do you think they accidentally found this 5 seconds before their exploit was launched or do you think they might have actually put some effort into doing this since they are an organization of people.
I can see a fucked up ceo greenlighting a trick to get their app installed on your phone without asking. I can’t really see them having it repeatedly download.
I suspect it’s a bug, or worst case a backdoor that’s been triggered with a commercial app instead of spyware accidentally or “accidentally”.
That may not be the case here, and certainly isn't the assumption we can make more generally.
We regularly see regressions in platform security.
https://news.ycombinator.com/newsguidelines.html
Currently we are inundated by accounts who don’t give a shit and make a new automatically 3 seconds after their flagging.
As long as those accounts are allowed I don’t really care for the stated rules that aren’t actually enforced.