Re: Security risk: EA Background Service runs as root on Mac

@Bluebellflora  Thank you for your clarification.

I am not a coder, and cannot discuss this from that perspective. But any app that unnecessarily exposes root function sure sounds like a problem to me. That much I have known since the 1980's when I got my first Mac. If that is, indeed, what the EA app does, then I am concerned enough to hold off installing the app, until and unless EA can show me I have no reason to be concerned.

We are already dealing with people exploiting mods, which is a new thing this year. That means The Sims 4 is now "on the radar." That already had me nervous enough to only download mods directly from the modder, not on curseforge.

As far as installing and then having to go through contortions each time I play the game just to be safe, that feels so wrong.

I asked on a developer thread on another forum about shutting things off, and got this as a response: "Recent versions of macOS include a setting in System Settings to disable these kinds of background tasks. Normally I don't recommend that. It is better to simply not use such software instead of trying to hack them up like that. But, in theory, apps should, at some point, get used to this and operate normal if the end user disables these background items."

From my perspective, EA has a responsibility to fix the vulnerability, if one exists. At the very least, give us the ability to shut off the background tasks and still have the app work.

Really appreciate all the info @Bluebellflora . Thanks!

@amjoie 

---

@amjoie wrote:

@Bluebellflora  Thank you for your clarification.

I am not a coder, and cannot discuss this from that perspective. But any app that unnecessarily exposes root function sure sounds like a problem to me. That much I have known since the 1980's when I got my first Mac. If that is, indeed, what the EA app does, then I am concerned enough to hold off installing the app, until and unless EA can show me I have no reason to be concerned.

We are already dealing with people exploiting mods, which is a new thing this year. That means The Sims 4 is now "on the radar." That already had me nervous enough to only download mods directly from the modder, not on curseforge.

As far as installing and then having to go through contortions each time I play the game just to be safe, that feels so wrong.

I asked on a developer thread on another forum about shutting things off, and got this as a response: "Recent versions of macOS include a setting in System Settings to disable these kinds of background tasks. Normally I don't recommend that. It is better to simply not use such software instead of trying to hack them up like that. But, in theory, apps should, at some point, get used to this and operate normal if the end user disables these background items."

From my perspective, EA has a responsibility to fix the vulnerability, if one exists. At the very least, give us the ability to shut off the background tasks and still have the app work.

---

You state you prefer to download mods from the modder rather than Curseforge...... what if the modder added executable malicious code to the CC file you downloaded? Or if they had their account hacked and the clean file was replaced by a nasty one, would you know? How would you know? You're more exposed with your current practice than you are using EA App.

I found the thread you referenced (in bold above). It is on Apple's Developer Forum and you received excellent and sound advice and replies that have essentially confirmed not to worry and this poses no further security risk than any other reputable software and indeed, you're at further risk by bypassing Gatekeeper than running an Apple notarised app like EA App. Choosing to quote that last paragraph is creating a false impression of the answers you received.

For anyone reading this who is still concerned, please follow that link to read the conversation in context.

I'm not interested in further discussing this. There is no drama or undue risk here

@Bluebellflora  I apologize for not clarifying that the modders, the ones I download directly from, are above reproach, like MCCC and LittleMsSam. No worries there. I am very careful with what I put on my computer. But you had no way of knowing that, and your reply in that regard was valid, and something I might have cautioned someone about, too. 🙂

I did not link to the developer forum because I did not know if a link would be allowed. To summarize, the most helpful answer I got was a "yes and no" along with (paraphrasing here not a full quote) the chances of a hacker bothering with that vulnerability are slim because coding Unix/Mac is really hard. On one hand that makes me feel better, but on the other hand, the risk still exists.

I probably should have told you that I play my game on an old intel Mac that runs best on Monterey, which is not nearly as safe as Sonoma. I should have mentioned I use a malware solution that stops suspect processes rather than having a list of bad actors to defend against. It might not even allow the EA App for Mac to install. So that was also on my mind.

The bottom line is, I did not want to lose my game, because it means so much to me, and I felt backed into a corner with no escape. Origin was working just fine, and they are keeping it working for people who cannot upgrade, so I wanted the option to continue just like things were, but I was not given that option. EA is going to force me to use their new app or not play at all.

Perhaps I overreacted, in your opinion and quite possibly in the opinion of others. But I felt no desire to be contrarian or argumentative. I just needed to feel safe enough to make it possible for me to continue to play my game.

I have looked into this further, and read more of the "lots of programs/apps are as unsafe or more unsafe" type of thing followed by "don't worry about it." To me, it feels a great deal like being told "when you walk the streets of New York City, the Big Apple, just stay alert." Not the kind of advise that makes me feel safe.

The best solution would be for EA to make the app more safe and less invasive. I cannot depend on them doing that.

So I talked with my daughter and we came up with an alternative solution. She is helping me finance a new iMac, and I will remove everything but The Sims 4 on one of the two computers, and then play offline unless I need to update.

Everything I must keep safe will be on the other computer, which will stay online.

That way, I will not have to worry about safety on the computer with the app installed, because it will be very easy to simply reinstall my game should that ever become necessary, since nothing else will be on that computer. And it is a simple thing to keep redundant backups of my Saves and other game data.

Some people may feel this is going way overboard, but since it has been several years since I upgraded to a new Mac, to me it feels like a really good solution. Being able to play my sims means that much to me. Maybe it shouldn't, but it does.

Ok I think I'm about ready to gather the info here into a useful short summary solution post.

Given Apple's rating It doesn't seem that this is a security risk really. More of a case of "it shouldn't be like that".

It sounds like the best solution is to upgrade to Sonoma (been meaning to do that anyway) and use Sonoma's system for disallowing certain background processes.

Some remaining questions-

@amjoie how do you play offline with the EA app? I haven't been able to get it to work offline at all, and many simmers on the official forum are upset that they can't either - people who live in areas with spotty internet, people who like to sim on their train commutes, etc.

Never mind, it seems to work for me now! It seems this is one of those things where if you have logged in online, and asked it to remember you, it remembers that you did that and allows offline play for some time before making you log in again.

Does anyone know what the toggle in the app to disable the background service actually does? I disabled mine right away, but the background service still runs.