Nuisance or Necessity? UAC and VMS

Author: Sarit Williams, Published on May 27, 2013

User Access Control (aka UAC) is Windows' attempt at thinking for and proactively protecting users. However, this can become a nuisance and a time hog when this feature works against you, especially when installing VMS software. Network administrators and IT departments are notorious for locking down an environment making it difficult to do your job. In this note, we explain why UAC is implemented, how it impacts VMS and what to do about it.

Background of UAC

**** ****** ********* ** ***** ******** ******* ********* ** * ****** ** Windows ********* ******* ** ****** ******* **** **; ** *** initially ********** ** ***** (*** *** **** **** ** ******?) and *** ** ***** ** ******* *, *, *** ****** 2008. **** ******* ** ****** ** ** ******* *** ******** non-administrators **** ********** *** ******** ** ****** *** ******* ** the ** **** *** ********** *** ********. ** ** *******, UAC ***** ** *********** *** ******* ************** ** **** **** their ******* *** ****** ****** *** *** ********** *****, ******* messenger, ***.

UAC's ****** ** *****

*** *** “*******” ** *** ********* ****** ***** ** ****** an **/*** ****** **** ****** ** ******** ******* ** ***********. **** ** ********* ******* ****, ** ****** ************ ******* ***** ********* ** ***** **** ***** ** *** registry ** *** *********** ********* ******** ** **** ** ******* as ** ********* ******* ***** * ******.

**** ********** *** ********, *** ******** ****** ** **********, ****** the *** ****** *** ********* ***** ************* ***** ** ***** installer. *** ****** ** **** *** ******** ****** ******* ***** user ******** ******** (**** ** ****** ********, **** *****, **** Interface **************, ***) ** *** ******** ** *** *******.

**** ** *** ** ******** ******** ** *** *** ****** the ************ ** *** *** ******** ******. ** ***** *** software ******** *** *** *********** ***** ** ** ***** ** the ******** ****** ************ *** **** **** **** *********** ** do ****. *** ****** ****.

*******, **** ******** **** ** *******, **** ** ******** ***** *** motion ***** *** ****** ** *** ********. **** **** *** require ***, *** **** **** ******** ************* ***** *********** (********* provided ** **** ** *** *****).

*** *** ******

** *** *** ******** ************ ** ********* ******* ******* *** UAC ******* ***-** ******** ****** *** ************ ******* **** ******. Messages **** “****** ** ***** *****.***” ** ********* ******* ** an ********** *** ********* ** *** **** ** ***** *** files ******. ************, *** ***-*** **** ***** *** **** *** ability **  ****, ******, ** *** *****, *** **** ** these ******* *** ***********. **** ****** ****** *** ***** ** skip ********* ***** **** ***** ********* ******* *** ******** ** not ********.

*** *** ******

** ****** ********, ** *** **** *** **** **** **** time ***** *** ****** ** ******** ***** ***** ******** (*** example, * **** ** *******) *** *******. **** ** ******* indication **** *** ** ** ** *** **** ****** ** to *** ******* ** *** ** ************* ******* ** ***** for *** **** ** ******* ** ** ***** ** ******** access ** ****** *** ********.

What ** **

***** ********* *** ******* **** *** *******:

  • *** *** ******* *************: **** **** **** ** ***** ***** password **** **** *** **** ** ******* *** ********* *** software.
  • *** **** ******* ************* ** **** *** *** ** ****** give *** ** ************* ***** ****** ** ***** ***** *** can **** *** *** ********.

****'* *** ** **** *** ***:

  • *** ** ** * ***** ************* ****.
  • ** *** ****** *****, **** ***.
  • ****** *** “****** **** ******* ******* ********”
  • ***** *** ****** **** ****** ****** ** ***** ******
  • ***** **
  • ******* *** ******* *** ******* ** **** ******

**** ***** ***** ** ** ******:

**********

** * *********, ** ** *********** **** *** ** *********** turned *** ********** ***** ** ********* *** ************ ******* **** when *** *** ***** * ***** ************* **** *****. ********** the *** ******* ******** *********** **** ****** *** ******** ****** the ********* ******** **** **  ***** ****** ******** *** **** ensure *** ******** ********* ** ********. ******, **** *** *** software ** *********, ** *** *** ********, **** **** ** re-enable **.

 

Comments (3)

Michael Peele

05/30/13 04:35pm

VMS and other programs should not store settings in the registry. Setting should be stored in the database (which may be shared among multiple servers, multiple users, multiple clients, etc.).

Sarit Williams

05/31/13 04:43am

Thanks Michael, valid point indeed. It is not uncommon to have a VMS store user settings in the registry. One possible reasoning is that storing in the database would cause the end user's client application to lose all favorite settings in case of a database failure or maybe a sub LAN connection loss to the database server itself.

Moreover, general settings for the (thick) client application such as data connection string to the database and VMS server must be stored in the registry. Creating a VMS with this architecture in mind allows the client to operate with minimal feature loss in some cases. Keep in mind though that this is certainly not the best design and probably a good indicator the software was created using an older technology or developer skill. For example, if using .config or XML settings file it would reduce the registry dependency which is also a huge security issue if not done properly.

Seth Everson

06/04/13 01:15pm
As for VMS software storing data, that's a different issue than what UAC is trying to address. VMS clients and potentially server software will need to store data in the registry, like window sizes, user settings, etc.. If your VMS triggers UAC during normal use, it is poorly written software. Windows added UAC as a major security measure against malicious software altering Windows settings without permission. This includes trojans, worms, and viruses. Turning off UAC is a bad practice. If you disable it, you hamstring an important tool in the fight against these security threats. Be sure it is enabled. Even during installation, if you have to turn it off, that's a red flag. Make sure you use the context menu option of Run As Administrator when installing software. It will elevate your privileges to install the software. Keep in mind that UAC is a clone of the Unix su command, and imitates that function. It took Microsoft until Vista to realize how important it is to not run everything as administrator all the time.
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Integrator Laptop Guide on Oct 16, 2018
This 18-page guide provides guidance and statistics about integrator laptop use. 150 integrators explained to IPVM in detail about their laptops,...
Mysterious Patent Troll 'Secure Cam' Targets Industry, Sues Hanwha, Hikvison, JCI, Panasonic, More on Oct 11, 2018
A company named "Secure Cam," who is actively hiding their ownership, has acquired a slew of video patents and is systematically suing video...
Security System Health Monitoring Usage Statistics 2018 on Oct 09, 2018
How well and quickly do integrators know if devices are offline or broken? New IPVM statistics show that typically no health monitoring is...
IP Camera Installability Shootout - Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision, Uniview, Vivotek on Oct 08, 2018
What are the best and worst cameras from an installation standpoint? Which manufacturers make it harder or easier to install their cameras? We...
IACP 2018 Police Show Final Report on Oct 08, 2018
IPVM went to Orlando to cover the 2018 IACP conference, the country's largest police show (about as big as ASIS), examining the 700+...
Network Cable Testing Guide on Oct 02, 2018
Proper cable installation is key to trouble-free surveillance systems. However, testing is often an afterthought, with problems only discovered...
VMS Mobile App Shootout - Avigilon, Dahua, Exacq, Genetec, Hikvision, Milestone on Oct 01, 2018
Mobile VMS apps are a critical interface for the modern surveillance user. But who does it best and worst? We tested 6 manufacturers - Avigilon,...
Hikvision 4MP Camera Tested (DS-2CD2345FWD-I) on Sep 27, 2018
Hikvision's latest Performance Series / EasyIP 3.0 4MP model, the DS-2CD2345FWD-I, was the top performer in our 4MP shootout, besting rivals from...
ASIS GSX 2018 Show Report on Sep 25, 2018
In the first major US show since the US government ban of Dahua and Hikvision was passed into law, the mega Chinese companies were in retreat and...
Ladders For Installers Guide on Sep 25, 2018
Ladders are one of the most important pieces of worksite equipment for the surveillance technician. Too often, however, even highly experienced...

Most Recent Industry Reports

Best Alternatives to Banned Dahua and Hikvision on Oct 17, 2018
With the US government ban and a growing number of users banning Dahua and Hikvision, one key question is what to use for low cost? While Dahua and...
Video Quality / Compression Tutorial on Oct 17, 2018
While CODECs, like H.264, H.265, and MJPEG, get a lot of attention, a camera's 'quality' or compression setting has a big impact on overall...
Knightscope Winning Investors, Struggling With Growth on Oct 16, 2018
While Knightscope's new financials show the company only winning 11 new customers in the past 12 months, the company continues to win new...
Integrator Laptop Guide on Oct 16, 2018
This 18-page guide provides guidance and statistics about integrator laptop use. 150 integrators explained to IPVM in detail about their laptops,...
Huawei Admits AI "Bubble" on Oct 16, 2018
A fascinating article from the Chinese government's Global Times: Huawei’s AI ambition to reshape industries. While the Global Times talks about...
ADI's Financials Revealed + W-Box Growth Priority on Oct 15, 2018
  ADI is one of the most powerful distributors in the security industry but how big are they? How much profit do they make? How much do they sell...
Dahua Face Recognition Camera Tested on Oct 15, 2018
Dahua has been one of the industry's most vocal proponents of the value that AI creates: As part of this, Dahua has released a facial...
Amazon Touts Home Security Market Disruption on Oct 15, 2018
Amazon is coming for ADT and all of home security. Indeed, Amazon is advertising this as, in their own words, calling home security a: Inside...
Higher Power PoE 802.3bt Ratified, Impact on Security Products Examined on Oct 12, 2018
Power over Ethernet has become one of the most popular features of many video, access, and other security products. See our PoE for IP Video...
"New Zealand Govt Uses Chinese Cameras Banned In US", Considers Security Audit on Oct 12, 2018
Newsroom NZ has issued a report: "NZ Govt uses Chinese cameras banned in US": This comes after the US federal government banned purchases of...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact