Nuisance or Necessity? UAC and VMS

Author: Sarit Williams, Published on May 27, 2013

User Access Control (aka UAC) is Windows' attempt at thinking for and proactively protecting users. However, this can become a nuisance and a time hog when this feature works against you, especially when installing VMS software. Network administrators and IT departments are notorious for locking down an environment making it difficult to do your job. In this note, we explain why UAC is implemented, how it impacts VMS and what to do about it.

Background of UAC

**** ****** ********* ** ***** ******** ******* ********* ** * ****** ** Windows ********* ******* ** ****** ******* **** **; ** *** initially ********** ** ***** (*** *** **** **** ** ******?) and *** ** ***** ** ******* *, *, *** ****** 2008. **** ******* ** ****** ** ** ******* *** ******** non-administrators **** ********** *** ******** ** ****** *** ******* ** the ** **** *** ********** *** ********. ** ** *******, UAC ***** ** *********** *** ******* ************** ** **** **** their ******* *** ****** ****** *** *** ********** *****, ******* messenger, ***.

UAC's ****** ** *****

*** *** “*******” ** *** ********* ****** ***** ** ****** an **/*** ****** **** ****** ** ******** ******* ** ***********. **** ** ********* ******* ****, ** ****** ************ ******* ***** ********* ** ***** **** ***** ** *** registry ** *** *********** ********* ******** ** **** ** ******* as ** ********* ******* ***** * ******.

**** ********** *** ********, *** ******** ****** ** **********, ****** the *** ****** *** ********* ***** ************* ***** ** ***** installer. *** ****** ** **** *** ******** ****** ******* ***** user ******** ******** (**** ** ****** ********, **** *****, **** Interface **************, ***) ** *** ******** ** *** *******.

**** ** *** ** ******** ******** ** *** *** ****** the ************ ** *** *** ******** ******. ** ***** *** software ******** *** *** *********** ***** ** ** ***** ** the ******** ****** ************ *** **** **** **** *********** ** do ****. *** ****** ****.

*******, **** ******** **** ** *******, **** ** ******** ***** *** motion ***** *** ****** ** *** ********. **** **** *** require ***, *** **** **** ******** ************* ***** *********** (********* provided ** **** ** *** *****).

*** *** ******

** *** *** ******** ************ ** ********* ******* ******* *** UAC ******* ***-** ******** ****** *** ************ ******* **** ******. Messages **** “****** ** ***** *****.***” ** ********* ******* ** an ********** *** ********* ** *** **** ** ***** *** files ******. ************, *** ***-*** **** ***** *** **** *** ability **  ****, ******, ** *** *****, *** **** ** these ******* *** ***********. **** ****** ****** *** ***** ** skip ********* ***** **** ***** ********* ******* *** ******** ** not ********.

*** *** ******

** ****** ********, ** *** **** *** **** **** **** time ***** *** ****** ** ******** ***** ***** ******** (*** example, * **** ** *******) *** *******. **** ** ******* indication **** *** ** ** ** *** **** ****** ** to *** ******* ** *** ** ************* ******* ** ***** for *** **** ** ******* ** ** ***** ** ******** access ** ****** *** ********.

What ** **

***** ********* *** ******* **** *** *******:

  • *** *** ******* *************: **** **** **** ** ***** ***** password **** **** *** **** ** ******* *** ********* *** software.
  • *** **** ******* ************* ** **** *** *** ** ****** give *** ** ************* ***** ****** ** ***** ***** *** can **** *** *** ********.

****'* *** ** **** *** ***:

  • *** ** ** * ***** ************* ****.
  • ** *** ****** *****, **** ***.
  • ****** *** “****** **** ******* ******* ********”
  • ***** *** ****** **** ****** ****** ** ***** ******
  • ***** **
  • ******* *** ******* *** ******* ** **** ******

**** ***** ***** ** ** ******:

**********

** * *********, ** ** *********** **** *** ** *********** turned *** ********** ***** ** ********* *** ************ ******* **** when *** *** ***** * ***** ************* **** *****. ********** the *** ******* ******** *********** **** ****** *** ******** ****** the ********* ******** **** **  ***** ****** ******** *** **** ensure *** ******** ********* ** ********. ******, **** *** *** software ** *********, ** *** *** ********, **** **** ** re-enable **.

 

Comments (3)

Michael Peele

05/30/13 04:35pm

VMS and other programs should not store settings in the registry. Setting should be stored in the database (which may be shared among multiple servers, multiple users, multiple clients, etc.).

Sarit Williams

05/31/13 04:43am

Thanks Michael, valid point indeed. It is not uncommon to have a VMS store user settings in the registry. One possible reasoning is that storing in the database would cause the end user's client application to lose all favorite settings in case of a database failure or maybe a sub LAN connection loss to the database server itself.

Moreover, general settings for the (thick) client application such as data connection string to the database and VMS server must be stored in the registry. Creating a VMS with this architecture in mind allows the client to operate with minimal feature loss in some cases. Keep in mind though that this is certainly not the best design and probably a good indicator the software was created using an older technology or developer skill. For example, if using .config or XML settings file it would reduce the registry dependency which is also a huge security issue if not done properly.

Seth Everson

06/04/13 01:15pm
As for VMS software storing data, that's a different issue than what UAC is trying to address. VMS clients and potentially server software will need to store data in the registry, like window sizes, user settings, etc.. If your VMS triggers UAC during normal use, it is poorly written software. Windows added UAC as a major security measure against malicious software altering Windows settings without permission. This includes trojans, worms, and viruses. Turning off UAC is a bad practice. If you disable it, you hamstring an important tool in the fight against these security threats. Be sure it is enabled. Even during installation, if you have to turn it off, that's a red flag. Make sure you use the context menu option of Run As Administrator when installing software. It will elevate your privileges to install the software. Keep in mind that UAC is a clone of the Unix su command, and imitates that function. It took Microsoft until Vista to realize how important it is to not run everything as administrator all the time.
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Backboxes for Video Surveillance Tutorial on Aug 15, 2018
Backboxes are a necessity in surveillance, whether for managing cable whips, recessing cameras, adding wireless radios. But it can be confusing to...
Cut Milestone Licensing Costs 80% By Using Hikvision and Dahua NVRs (Tested) on Aug 13, 2018
Enterprise VMS licensing can be quite expensive, with $200 or more per channel common, meaning a 100 camera system can cost $20,000 in VMS...
Uniview Intrusion Analytics and VMD Tested on Aug 13, 2018
IPVM's IP Camera Analytics Shootout featuring Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision created some ill will with a Uniview distributor who...
Camera Focusing Tutorial on Aug 09, 2018
A camera's focus is fundamental to quality imaging. Mistakes can cause important problems. In this guide, we explain focus issues and proper...
Hikvision PanoVu Mini Tested (Multi-imager + PTZ For ~$500) on Aug 07, 2018
Hikvision has released their first PanoVu Mini multi imager, the PanoVu DS-2PT3326IZ-DE3, with four 1080p imagers, including a PTZ and integrated...
Bluebox Video UK Startup Profile on Aug 06, 2018
One UK startup, Bluebox Video has designed, developed and is manufacturing their own streaming video wall appliances. To the right is a picture of...
Zenitel/ Stentofon Turbine IP Intercom Tested on Aug 06, 2018
IPVM has published reports testing an Axis door station and a Hikvision door station (tested). However, those companies are new entrants to this...
Camera Cable Whip Guide on Aug 03, 2018
Cable whips are one of integrator's least favorite camera features but seem to be unavoidable, now commonplace on dome, turret, and bullet cameras...
Panasonic 9MP Panoramic Fisheye Tested (WV-X4571L) on Aug 02, 2018
Panasonic has released their latest fisheye camera, the WV-X4571L, with 12MP sensor and 9MP resolution, claiming "extreme image quality" under...
Genetec Self-Discloses Critical Vulnerability on Jul 31, 2018
In an unprecedented move for the video surveillance industry, Genetec has self-disclosed a critical software vulnerability across Security Center...

Most Recent Industry Reports

Chinese OEM Avycon Gets ADI Push on Aug 15, 2018
Who is Avycon? An American company? A Korean company? A couple of guys relabelling Chinese products? The latter is the best explanation. While...
Backboxes for Video Surveillance Tutorial on Aug 15, 2018
Backboxes are a necessity in surveillance, whether for managing cable whips, recessing cameras, adding wireless radios. But it can be confusing to...
Genetec Stratocast / Comcast 'Motion Insights' Examined on Aug 15, 2018
Comcast recently announced "SmartOffice Motion Insights", an extension to their Genetec OEMed cloud video service (covered by IPVM here). This...
SimpliSafe Violating California, Florida, and Texas Licensing Laws on Aug 14, 2018
IPVM has verified that DIY security system provider SimpliSafe, founded in 2006 and acquired in June of 2018 at a billion dollar valuation, is...
Ban of Dahua and Hikvision Is Now US Gov Law on Aug 13, 2018
The US President has signed the 2019 NDAA into law, banning the use of Dahua and Hikvision (and their OEMs) for the US government, for US...
Cut Milestone Licensing Costs 80% By Using Hikvision and Dahua NVRs (Tested) on Aug 13, 2018
Enterprise VMS licensing can be quite expensive, with $200 or more per channel common, meaning a 100 camera system can cost $20,000 in VMS...
Nortek Sues SDS, Battle Over Unpaid Bill and Cancelled Lines on Aug 13, 2018
Nortek and SDS legal battle continues. As IPVM reported, SDS sued Nortek alleging bribery and antitrust violation. However, Wave fired back at SDS,...
Uniview Intrusion Analytics and VMD Tested on Aug 13, 2018
IPVM's IP Camera Analytics Shootout featuring Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision created some ill will with a Uniview distributor who...
ADT Employees Protest ADT CEO on Aug 10, 2018
So many ADT employees were so upset with ADT's CEO speech reported on by IPVM, that ADT's CEO was forced to send a mass email to employees to...
Axis / Avigilon Legal Battle Rises on Aug 09, 2018
In what is shaping up to be high-powered, will-not-back-down battle, Axis and Avigilon are squaring off in multiple legal contests. In 2017, IPVM...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact