Does the new EA App for Mac create a vulnerability?

In no particular order…

Users do have the option to not install EA games.

You’ll want to discuss your concerns with EA.

Apps that use launch daemons that start on startup and run in background are far from rare.

Various apps can add exploits and vulnerabilities, and that including add-on security apps.

root access works for user files, but macOS itself protects itself against shenanigans from root. And how long something has root is not particularly relevant.

The user is able to disable Gatekeeper on various macOS versions, as well. Here’s how:

sudo spctl --master-disable

Potential vulnerabilities that might lurk in any security-relevant code aside, more than a few folks deliberately install hot-garbage apps and privacy-leaking apps and cracked apps. Pragmatically, EA is much more likely to address and resolve issues found than those selling hot-garbage apps or cracked apps, too.

But again, this is something you’ll want to discuss with EA.

amjoie3 wrote:

On Mac with the new EA App installed, EA Background Service runs as a process owned by root, not by the user. EA Background Service also self-starts every time the computer is booted up. This means that there is a process running whenever the computer is on, with root-level access, with access to the internet and software installation.

That's not at all unusual.

This is a major security risk.

Yes and no. On one hand, this is very common. Users hand over root access to pretty much anyone who comes along. But Apple knows this and has significantly changed the security model to better protect users in this environment.

Origin (and all reputable Mac software) runs with user-level access only.

Lots of reputable Mac software requires root. There's nothing disreputable about that. Ideally, Mac software shouldn't require root access unless it really needs it. But writing good Mac software is difficult and most developers simply aren't up to the challenge.

Root access should only be requested when the software is being updated or new DLC installed, and then discontinued after the update is complete.

That's the ideal.

The way that Mac and Unix systems protect themselves against viruses and malware is to be very picky about which programs get root access and for how long. EA Background Service bypasses this protection. This is the equivalent of disabling anti-virus software on a PC the entire time the PC is running.

Again, yes and no. In practical terms, there is no security risk. Delivering a properly functional app using root is really hard. Since most malware developer are no more skilled than honest developers, they usually don't bother. Don't believe what you read on the internet about this topic. None of that is true. Most malware runs fine with only user-level access. If malware wants more privileges, all it has to do is ask. Most end users will hand over their password without question.

EA App on Mac is still relatively new, but if this continues to be the case, it won't be long before creators of viruses and malware exploit it.

That sounds like a valid concern, but if it were, viruses and malware would have exploited apps like Adobe, Google, Microsoft, Clean My Mac a long time ago. As I said above, that's difficult. It's much easier to just ask the user. They always say yes.

If anyone can verify that the app is 100% safe, I would certainly appreciate it.

No one can give you that verification, not even the developers.

It is a valid concern if an app is running launch daemons. But the concern is performance, stability, and reliability, not security. Furthermore, Apple knows all this too. Recent versions of macOS include a setting in System Settings to disable these kinds of background tasks. Normally I don't recommend that. It is better to simply not use such software instead of trying to hack them up like that. But, in theory, apps should, at some point, get used to this and operate normal if the end user disables these background items.