[c-nsp] Visible bug IDs and Cisco service requests

Paul Stewart pauls at nexicom.net
Wed Jun 29 13:18:20 EDT 2005 

Add to all of this...

Customer buys high end gear and discovers a "hidden bug" won't let them run
the configuration they were told would work.  Customer rants at Cisco and
decides to take $20M a year budget to Juniper... (real example, not our
company)

I think all bugs should be visible to registered CCO accounts (after all, if
they're registered they are paying money for support right?).  General
public or pre-sales.. I can understand that answer being no... To some, it's
scary to pull up a list of bugs with a particular release or particular
hardware and see 10 pages.... To others who understand and are used to it,
it's a lifeline to know what will work and what won't...

Just my two cents worth..
Paul

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Joe Maimon
Sent: Wednesday, June 29, 2005 6:02 AM
To: Ted Mittelstaedt
Cc: Clinton Work; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Visible bug IDs and Cisco service requests




Ted Mittelstaedt wrote:
> 
>>-----Original Message-----
>>From: cisco-nsp-bounces at puck.nether.net 
>>[mailto:cisco-nsp-bounces at puck.nether.net]On Behalf Of Clinton Work
>>Sent: Tuesday, June 28, 2005 3:34 PM
>>To: cisco-nsp at puck.nether.net
>>Subject: [c-nsp] Visible bug IDs and Cisco service requests
>>
>>
>>
>>I have a case open for a 7206/NPE-G1 that crashed and the issue has 
>>been traced to bug CSCdz80661. I asked the case engineer to make the
>>bug visible
>>in the bug tool, but he has refused. Shouldn't customer encountered bugs
>>be make visible on the CCO?
>>
> 
> 
> Clinton,
> 
>  This is a moral issue that Cisco has been grappling with for a long 
> time now.  The problems are;
> 
> 1) Showing bugs that customers haven't found can be used as ammo by 
> competitors.  Bad for Cisco, Good for customers.
> 
> 2) Showing bugs can puncture egos at Cisco.  Bad for Cisco, neutral 
> for customers.
> 
> 3) Showing bugs can undercut marketing campaigns by Cisco.  Bad for 
> Cisco, neutral for customers
> 
> 4) Showing bugs can make some customers change purchasing decisions 
> since the features they need don't work right.  Bad for Cisco, Good 
> for customers.
> 
> 5) Showing bugs can reveal vulnerabilities that crackers can exploit. 
> Bad for Cisco and Bad for customers.
> 
> So you see it isn't black and white.  How would you feel if you bought 
> a new router that was supposed to do some particular task and it 
> didn't because of a bug?  Conversly, how would you feel if someone 
> broke into one of your routers after reading about a bug on CCO and 
> writing an exploit for it?
> 
> Ted

Let me add on to your list

6) Showing more bugs (and I am not going to speak about the difference 
between "internal" and non-internal bugs since in my experience there is 
practically no difference in the number of "invisible" bugs cco users 
run up against, including duplicate bugs that point to non visible 
bugs...) lets customers be reasonably certain that doing a bug tool 
search BEFORE waiting for TAC to do one as part of the resolution 
process is actually a worthwhile step.

Currently the odds that you are wasting your time appear to be fairly 
high, judging by the number of cases that TAC comes back with an 
invisible bug id.

SO that would be good for cisco (lower tac costs) and good for customers 
(faster resolution of the uncertainty of why something does not work)


> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list