Nuisance or Necessity? UAC and VMS

Author: Sarit Williams, Published on May 27, 2013

User Access Control (aka UAC) is Windows' attempt at thinking for and proactively protecting users. However, this can become a nuisance and a time hog when this feature works against you, especially when installing VMS software. Network administrators and IT departments are notorious for locking down an environment making it difficult to do your job. In this note, we explain why UAC is implemented, how it impacts VMS and what to do about it.

Background of UAC

**** ****** ********* ** ***** ******** ******* ********* ** * ****** ** Windows ********* ******* ** ****** ******* **** **; ** *** initially ********** ** ***** (*** *** **** **** ** ******?) and *** ** ***** ** ******* *, *, *** ****** 2008. **** ******* ** ****** ** ** ******* *** ******** non-administrators **** ********** *** ******** ** ****** *** ******* ** the ** **** *** ********** *** ********. ** ** *******, UAC ***** ** *********** *** ******* ************** ** **** **** their ******* *** ****** ****** *** *** ********** *****, ******* messenger, ***.

UAC's ****** ** *****

*** *** “*******” ** *** ********* ****** ***** ** ****** an **/*** ****** **** ****** ** ******** ******* ** ***********. **** ** ********* ******* ****, ** ****** ************ ******* ***** ********* ** ***** **** ***** ** *** registry ** *** *********** ********* ******** ** **** ** ******* as ** ********* ******* ***** * ******.

**** ********** *** ********, *** ******** ****** ** **********, ****** the *** ****** *** ********* ***** ************* ***** ** ***** installer. *** ****** ** **** *** ******** ****** ******* ***** user ******** ******** (**** ** ****** ********, **** *****, **** Interface **************, ***) ** *** ******** ** *** *******.

**** ** *** ** ******** ******** ** *** *** ****** the ************ ** *** *** ******** ******. ** ***** *** software ******** *** *** *********** ***** ** ** ***** ** the ******** ****** ************ *** **** **** **** *********** ** do ****. *** ****** ****.

*******, **** ******** **** ** *******, **** ** ******** ***** *** motion ***** *** ****** ** *** ********. **** **** *** require ***, *** **** **** ******** ************* ***** *********** (********* provided ** **** ** *** *****).

*** *** ******

** *** *** ******** ************ ** ********* ******* ******* *** UAC ******* ***-** ******** ****** *** ************ ******* **** ******. Messages **** “****** ** ***** *****.***” ** ********* ******* ** an ********** *** ********* ** *** **** ** ***** *** files ******. ************, *** ***-*** **** ***** *** **** *** ability **  ****, ******, ** *** *****, *** **** ** these ******* *** ***********. **** ****** ****** *** ***** ** skip ********* ***** **** ***** ********* ******* *** ******** ** not ********.

*** *** ******

** ****** ********, ** *** **** *** **** **** **** time ***** *** ****** ** ******** ***** ***** ******** (*** example, * **** ** *******) *** *******. **** ** ******* indication **** *** ** ** ** *** **** ****** ** to *** ******* ** *** ** ************* ******* ** ***** for *** **** ** ******* ** ** ***** ** ******** access ** ****** *** ********.

What ** **

***** ********* *** ******* **** *** *******:

  • *** *** ******* *************: **** **** **** ** ***** ***** password **** **** *** **** ** ******* *** ********* *** software.
  • *** **** ******* ************* ** **** *** *** ** ****** give *** ** ************* ***** ****** ** ***** ***** *** can **** *** *** ********.

****'* *** ** **** *** ***:

  • *** ** ** * ***** ************* ****.
  • ** *** ****** *****, **** ***.
  • ****** *** “****** **** ******* ******* ********”
  • ***** *** ****** **** ****** ****** ** ***** ******
  • ***** **
  • ******* *** ******* *** ******* ** **** ******

**** ***** ***** ** ** ******:

**********

** * *********, ** ** *********** **** *** ** *********** turned *** ********** ***** ** ********* *** ************ ******* **** when *** *** ***** * ***** ************* **** *****. ********** the *** ******* ******** *********** **** ****** *** ******** ****** the ********* ******** **** **  ***** ****** ******** *** **** ensure *** ******** ********* ** ********. ******, **** *** *** software ** *********, ** *** *** ********, **** **** ** re-enable **.

 

Comments (3)

Michael Peele

05/30/13 04:35pm

VMS and other programs should not store settings in the registry. Setting should be stored in the database (which may be shared among multiple servers, multiple users, multiple clients, etc.).

Sarit Williams

05/31/13 04:43am

Thanks Michael, valid point indeed. It is not uncommon to have a VMS store user settings in the registry. One possible reasoning is that storing in the database would cause the end user's client application to lose all favorite settings in case of a database failure or maybe a sub LAN connection loss to the database server itself.

Moreover, general settings for the (thick) client application such as data connection string to the database and VMS server must be stored in the registry. Creating a VMS with this architecture in mind allows the client to operate with minimal feature loss in some cases. Keep in mind though that this is certainly not the best design and probably a good indicator the software was created using an older technology or developer skill. For example, if using .config or XML settings file it would reduce the registry dependency which is also a huge security issue if not done properly.

Seth Everson

06/04/13 01:15pm
As for VMS software storing data, that's a different issue than what UAC is trying to address. VMS clients and potentially server software will need to store data in the registry, like window sizes, user settings, etc.. If your VMS triggers UAC during normal use, it is poorly written software. Windows added UAC as a major security measure against malicious software altering Windows settings without permission. This includes trojans, worms, and viruses. Turning off UAC is a bad practice. If you disable it, you hamstring an important tool in the fight against these security threats. Be sure it is enabled. Even during installation, if you have to turn it off, that's a red flag. Make sure you use the context menu option of Run As Administrator when installing software. It will elevate your privileges to install the software. Keep in mind that UAC is a clone of the Unix su command, and imitates that function. It took Microsoft until Vista to realize how important it is to not run everything as administrator all the time.
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

July 2018 IP Networking Course on Jun 19, 2018
The last chance to save $50 on registration is this Thursday, June 21st. Register now and save. This is the only networking course designed...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...
Four Major Outdoor Camera Install Problems on Jun 14, 2018
Over 140 integrators told us the top four camera installation mistakes that lead to unexpected problems and failures. Their comments often...
ReconaSense - The AI / Access Control / Analytics / IoT / Video Company Profile on Jun 12, 2018
One company's ISC West booth stood out for displaying a light-up tower of buzzwords. The company, ReconaSense, pledged to be 'making sense of it...
H.265 / HEVC Codec Tutorial on Jun 07, 2018
H.265 support has improved significantly in 2018, with H.265 camera/VMS compatibility increased compared to only a year ago, and more manufacturers...
Worst Features for Camera Installation (Statistics) on Jun 07, 2018
4 clear worst features for installing were identified by 140+ integrator respondents to: What feature(s) make a camera hard to install? The...
Bosch IVA Video Analytics And Motion+ VMD Tested on Jun 06, 2018
Bosch's video analytics now ship on nearly every model, from indoor domes to high-end 5MP starlight cameras.  In this test, we evaluate Bosch's...
Top Features For Easy Camera Installation (Statistics) on Jun 05, 2018
Camera installation is the most fundamental and common task for video security technicians. Because of this, camera manufacturers market their...
Hikvision PanoVu 20MP Flexible Camera Tested on Jun 01, 2018
Hikvision has released their first repositionable multi imager cameras with integrated IR included, atypical in competitors. We bought and tested...
Oncam 12MP Fisheye Camera Tested on May 29, 2018
Oncam has made their name since the early 2000s as a fisheye specialist, focusing only on panoramic cameras. To see how this specialist stacks up...

Most Recent Industry Reports

IFSEC Show Report Day 2 Report on Jun 20, 2018
IPVM is live from London reporting on the IFSEC show. The Chinese have taken over the UK, centered on Hikvision, flanked by Dahua, Huawei and a...
Mobotix Releases 'Move' Into 21st Century on Jun 20, 2018
For years, Mobotix stood resolutely against, well, every other manufacturer, selling it as a virtue: MOBOTIX equipment is designed with no...
Cybersecurity Startup VDOO Disclosing 10 Manufacturer Vulnerabilities Starting With Axis And Foscam on Jun 20, 2018
Cybersecurity startup VDOO has uncovered significant vulnerabilities in Axis cameras along with many others not yet disclosed. In this report, we...
July 2018 IP Networking Course on Jun 19, 2018
The last chance to save $50 on registration is this Thursday, June 21st. Register now and save. This is the only networking course designed...
Axis Guardian - Cloud VMS And Alarm Monitoring - Released on Jun 19, 2018
Axis has struggled to deliver a cloud-based managed service video platform. Video service providers have utilized AVHS for over a decade, and have...
IPVM Vulnerability Scanner Released on Jun 18, 2018
IPVM is proud to announce video surveillance's first and only cybersecurity vulnerability scanner. This tool allows quickly and simply...
Hikvision Corrects False Cybersecurity Announcement on Jun 18, 2018
Hikvision has corrected a false cybersecurity announcement that claimed a British government-sponsored program endorsed the cybersecurity of...
The Dumb Ones: PSA's Bozeman On Cybersecurity on Jun 15, 2018
The smart ones are the hundred people who flew to Denver and spent $500+ on a 1.5-day conference featuring Dahua as a 'cyber responsible partner',...
Amazon Ring Launches $10 Monthly Professional Alarm Monitoring on Jun 15, 2018
Amazon's Ring has announced an alarm system with 24/7 professional alarm monitoring for $10 per month, a fraction of the $30+ per month traditional...
Axis Releases First New Access Controller In 5 Years (A1601) on Jun 15, 2018
It has been 5 years since Axis 2013 entry in the physical access control market, with the A1001 (IPVM test). Now, Axis has released its second...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact