Installed PETS EP and found this in preferences panel (using a plist editor thanks to Marhis who originally found it on mac after installing spore demo) So warning to anyone on MAC OS who was hoping to avoid SecuROM - it is also on MAC even if EA isn't saying so yet. Have no idea what to do about it, was hoping some experts here could link/post to some advice about it until then I will do more research in my files to see where else it lies hidden.

Holy fuck [..] Thanks for the heads-up!

One bit of consolation, perhaps (at least I hope so?): I'm running a network monitor 24/7 -- which means I get a note whenever *anything* tries to connect anywhere -- and I have never seen SecuRom or the game or anything like that trying to phone home .. I only allow traffic when I know what it is and where it's trying to connect for what reason. I've just checked the logs and rules, as well, and I don't see anything I might have allowed accidentially.

(The monitor I'm using is LittleSnitch -- I installed it first thing when I got this machine, a long time before the Mac game)


However: i *have* had more than one kernel panic while running the game -- and only while running the game, this machine is super stable otherwise --; so far I've attributed that to shoddy programming but who knows. I stupidly ignored the entire SecuRom discussion after I switched to OSX (thinking it's only an issue with BV and up, and I only have up to Seasons for the Mac) .. which was obviously, well, stupid.

ETA, I should have clarified: I see the same entry in the same plist, and TS2 (base, OfB, NL, Pets, Seasons) is the only game I've ever installed on this machine -- definitely not a Spore leftover.

Yes I want to say it came with PETS.
I installed that little snitch now. Wondering if it is inactive data (safe to delete then?)

[Edited to remove speculations found this:]
http://www.securom.com/news.asp?id=27


(from http://securom.mustbedestroyed.org/...p?f=8&t=61#p695)

Overall the whole thing is very sneaky and maybe a reformat upgrade for 10.5 in my case in the near future:/

UPDATE
Remove SecuROM for mac video guide 10.5
http://www.youtube.com/watch?v=eYKkYTUNX4w
Well this might help lead in the right path, but it seems its for spore installation.

There are also other opinions though -- people saying that in general, securom is less evil on the mac than it is on windows:

http://docwhat.gerf.org/2008/09/spore-drm/

(This is about the Securom that came with Spore, not about TS2 specifically -- there is not a lot of info overall, unfortunately (I've also googled a bit in the meantime))


But apart from that -- one thing that really puzzles me: Spore apparently puts a folder called "SecuRom" right there in the preferences for everyone to see (~/Library/Preferences/Spore/some/sub/folder/), is that correct? You've just linked to the video.

I'm pretty sure that no such folder got installed on *my* system - there is none on my machine right now, in any case. And I have Pets, the regular store-bought good-consumer disk version. Can you find that folder?

We can see a .plist entry .. but we can't see the actual process (and I have ActivityMonitor runing quite often, in particular while running the game, because it eats so much memory - I would have to be blind not to have seen "SecuROM" on that list). Looking at the monitor right now, while the game is running (the Pets-only version), I see nothing in User processes that I can't identify. Screenshot below.

In addition to that, I paid a lot more attention than usual during the original installation (albeit perhaps not the Pets one - that I don't remember anymore), because I installed multiple game versions in parallel which was a bit tricky - I know I read the installer logs more than once .. I wasn't looking for Securom, but in hindsight, if it would have been in the log it would have been difficult not to see it?

I mean, it's well possible that I'm blind or stupid or both (and naive on top), but is there a reason that the Pets version of Securom would be *this much* stealthier than the Spore one?

I guess what I'm asking is, can we be sure it's actually being installed - as opposed to a .plist just being dumped somewhere?

(There's apparently a lot of Windows cruft in the Mac version .. that's why I have that idea. Could it be a leftover? I find it quite hard to believe that Windows should be safer than Unix, all of a sudden ..)


Screenshot: -- link removed --

Plasticbox, that's just showing your processes. Does it show if you change Activity Monitor to show 'All Processes'?

Will take a look in a second. In the meantime, I just reinstalled Pets to see what's happening -- the log is less useful than I thought it would be, because I don't know how to turn on verbose logging for the Installer *without* having to run the install from the console (maybe you know?), however it only lists 3 new apps at the end, excerpt:

--
Nov 20 00:01:16 SPUTNIK : Removing temporary directory "/private/tmp/Pets.pkg.1376heC8bE"
Nov 20 00:01:16 SPUTNIK : Finalize disk "SPUTNIK"
Nov 20 00:01:16 SPUTNIK : Notifying system of updated components
Nov 20 00:01:16 SPUTNIK : TOTAL: Packages report 1040 files, 752 actual files written
Nov 20 00:01:16 SPUTNIK : Private/Total = (5,1MB, 64,2MB), Heap/Total = (1,5MB, 16,9MB), Regions(malloc, private) = (35, 32)
Nov 20 00:01:16 SPUTNIK : It took 256.097681 seconds to successfully install "The Sims 2 Pets" (1 pkg(s))
Nov 20 00:01:16 SPUTNIK : It took 1.005151 seconds to Configuring volume "SPUTNIK" (dm prepare*disk)
Nov 20 00:01:16 SPUTNIK : It took 255.079416 seconds to Install The Sims 2 Pets: 22 elements
Nov 20 00:01:16 SPUTNIK : It took 255.076536 seconds to successfully Install package The Sims 2 Pets
Nov 20 00:01:17 SPUTNIK : It took 3.323194 seconds to Build install plan (& redirected paths)
Nov 20 00:01:17 SPUTNIK : It took 0.338480 seconds to Evaluating versions of bundles
Nov 20 00:01:17 SPUTNIK : It took 0.022793 seconds to Determing obsolete files
Nov 20 00:01:17 SPUTNIK : It took 0.198861 seconds to Assembling temporary receipt
Nov 20 00:01:17 SPUTNIK : It took 0.090067 seconds to Collect path info (ATS, Sec Equiv, Kext, Pref Panes)
Nov 20 00:01:17 SPUTNIK : It took 249.208779 seconds to Write files
Nov 20 00:01:17 SPUTNIK : It took 1.892694 seconds to Assembling receipt
Nov 20 00:01:17 SPUTNIK : Nov 20 00:01:17 SPUTNIK : Summary Information
Nov 20 00:01:17 SPUTNIK : Type Elapsed time (sec)
Nov 20 00:01:17 SPUTNIK : patch 0.000036
Nov 20 00:01:17 SPUTNIK : zero 0.010478
Nov 20 00:01:17 SPUTNIK : extract 249.208779
Nov 20 00:01:17 SPUTNIK : config 3.776026
Nov 20 00:01:17 SPUTNIK : receipt 2.091555
Nov 20 00:01:17 SPUTNIK : disk 1.007927
Nov 20 00:01:17 SPUTNIK : install 255.079416
Nov 20 00:01:17 SPUTNIK : Nov 20 00:01:17 SPUTNIK : Starting installation:
Nov 20 00:01:17 SPUTNIK : Finalizing installation.
Nov 20 00:01:17 SPUTNIK : Registering applications
Nov 20 00:01:17 SPUTNIK : Registered /Applications/The Sims 2.localized/Body Shop.app.
Nov 20 00:01:17 SPUTNIK : Registered /Applications/The Sims 2.localized/Package Installer.app.
Nov 20 00:01:17 SPUTNIK : Registered /Applications/The Sims 2.localized/The Sims 2.app.

And then I checked for *anything* modified on the machine since yesterday -- files, folders, whatever, both visible and invisble -- that one global prefs file did show up, but nothing else. Nothing called "SecuRom" or with "Sec" in the name or even starting with "S" that I couldn't identify.


ETA: ok, here's *all* processes while the game is running (this is with the new, just-installed PetsOnly).

-- screenshot removed --

Do you see anything suspicious?

Well that video was for 10.5 so I would look maybe to see if there is a Sims 2 or Sims 2 Pets EP folder in that same area they said you could find the Spore preference folder. Since I am on 10.4 I can not find this because Sims is installed to my main HD not application folder (if it is around it is hidden).

I was a bit perplex to find this in plist file but no SecuROM here it seems:



Knowing that the game is basically port of windows version, I thought maybe search for the filenames in spotlight that were on PC version of SecuROM. No luck so far on my system (a good thing yes?! :D). Maybe checking the package contents of your Sims 2 and Pets EP will reveal something in 10.5? (command click program icon > see package contents)

This is exactly what I meant with "windows cruft" =D I thought it was actually quite funny, the first time I saw this.

Those files are in your Home/Library/Preferences, and if it's anything like with Spore there should be a "Sims 2" or "EA" folder or something NEXT TO the .plists in that same folder .. but there isn't. I've a handful of other folders in there (Opera has its own folder, for example) but Sims/EA-related I only see

com.aspyr.TheSims2.plist
com.aspyr.TheSims2PackageInstaller.plist

and that's it. (There probably was a Bodyshop one too, but I haven't used that in a while so could have thrown it away).


By the way, I'm on 10.4 too.

Searched again: I see nothing with a name starting with "sec" on my entire system that I can't identify (or at least, tell with some degree of certainty it is not SecuRom .. like User/Library/ApplicationSupport/Firefox/Profiles/12435647.default/secmod.db)

http://www.reclaimyourgame.com/inde...id=17&Itemid=57

You may wish to contact them with this information. They may not have any Mac user statements yet.

Gah, they even have a version of SecuRom for OS8.5 and 9 now? Better stop all that piracy of um...Mac SimAnt? I don't get it.

I've only just seen this -- what do you mean by that? Your Sims 2 folder is hidden?

Ah no (sorry english is not my first language) I mean from that video it looked like 10.5 application folder saved game makes preferences folders in applications folder but on 10.4 I can not find a "Sims PETS ep preference folder" anywhere that would have that SecuROM folder inside. Only the p.list files and if there is secuROM folder in HD can not find with spotlight at least.

I actually delete the data in p.list that said secuROM and then restarted computer. Game still played so maybe it is not so bad I have not have any bad kernel crashes.

Ah ok, yes, then we meant the same thing. The *Securom* folder would have to be invisible. (Was a somewhat stupid question perhaps, but it was late =)

For the record (because I just had to look at it for the nth time, and it's getting boring), the location of the Spore Securom folder shown in the YouTube video linked above is:

Home/Library/Preferences/SPORE Preferences/p_drive/User/Application Data/SecuROM

There's a "User Data" folder in it that contains "securom_v7_01.dat", "securom_v7_01.bak", "securom_v7_01.tmp" and "readme.txt".

That's on 10.5, I'm on 10.4, and like you I don't see any EA or Sims or Aspyr folders in my Home/Library/Preferences/. Only the .plists for the game and the Package Installer.

So I had a looksee into my plist. I do have the secuROM listed in .globalpreferences. But mine is listed as secuROM not secuROM_i386. This is on my PPC iMac, I haven't looked at my Intel Macbook Pro. The i386 is windows, based on the Intel 386 chip, or the x86. Now with Intel chips, software written for this platform will be OS X compatible. Is this good? lol

I also looked into the plist for TheSims2. Interestingly enough, they list the Registry in there. OS X does not use a registry. So when Aspyr ported, they apparently didn't clean the code up too well. It does make me wonder if the securom is just left over code?

I'm thinking it could be left over code- I laughed when I saw the reg references in skygirl22's image! Also, why would Aspyr want to keep piracy protection that EA have implemented? I'm sure they would have to pay Sony quite a lot for a license to use this, and I'm not sure enough people buy the Sims 2 from Aspyr to warrant this cost (as indicated by their lack of enthusiasm over porting the remaining EPs/ SPs).

Yup, same thought I had =) .. I mean, I know nothing about porting stuff from one OS to the other, but the .plist for the game is quite obviously translating "Windows-ese" (stuff that the game is looking for) to what it is under OSX .. it's an xml file that reads, for example

<key>App Paths</key>
<dict>
<key>Sims2.exe</key>
<dict>
<key>(default)</key>
<string>/Applications/The Sims 2.localized/The Sims 2.app</string>

(and so on)

so if the Windows Pets were looking for some Securom stuff that the Mac game didn't have, it would have to be fed some sort of info to make it believe that SecuRom is there and all is well .. that global plist entry could be just that. <-- this is a private theory, supported by nothing but what I posted here.

I'm still curious why this has to happen in a global preferences file and not some private application data. Particularly since there's no "uninstallation" of the game (apart from simply throwing it away) so that's going to be in there forever.


eta, I've also looked at ~/Library/Preferences in the Terminal now, to see Unix-invisible stuff (like the GlobalPrefs):




Apart from one that I edited out (that's from the day I bought this machine, or shortly before -- could be my serial, not sure) there is nothing else invisible in there.

And the SecuROM entry in .GlobalPreferences.plist.bak is different from the one in .GlobalPreferences.plist (which is only a few hours younger), so that looks very much like a change from the Pets install last night.

PBox, I came across this:
http://theappleblog.com/2008/01/23/...rootkit-hunter/
Website of the Rootkit Hunter creator:
http://www.christian-hornung.de/
Maybe some of you could try out 'OSX Rootkit Hunter 0.2' to see if it flags anything on your systems?

Yup, I've seen that too =)

And that:
http://www.clamxav.com/ -- free osx virus checker, based on "ClamAV" (which Windows people will perhapps know)

And that as well:
http://www.thexlab.com/faqs/malspyware.html -- pretty good FAQ on OSX security in general (applies to 10.4 and earlier, not Leopard)

And from Apple:
http://images.apple.com/server/maco...nfig_021507.pdf
Very thorough, and goodlooking as well.

Another very thorough article:
http://www.oreillynet.com/pub/a/mac...c-security.html
"Mac Security: Identifying Changes to the File System"


I'm not going to fiddle with anything today anymore (it's late here) .. possibly tomorrow.

My understanding is that SecuROM is a Windows only application. If you have Windows installed on your Mac, yes you get SecuROM. I checked my computer (I have a G5 non Intel Mac) and have all the Aspyr ported EP's and SP's. I could not find any SecuROM on my computer and even if you do run the game as ported by Aspyr, it might be leftover coding that doesn't do anything at all.

http://www.securom.com/news.asp?id=27

But that only says that an OSX version *exists* -- not that it's being installed with TS2.

I tried out the rootkit program, and I had 2 warnings, but neither was associated with securom.

One was for syslogging enabled in the IP address used for network testing, and the other was a hidden file which I can't actually find. I'm challenged with my UNIX commands apparently.

/usr/share/man/man5/.rhosts.5.gz