[c-nsp] Cisco TAC successfully disappoints again
Phil Mayers
p.mayers at imperial.ac.uk
Wed Dec 19 12:20:26 EST 2012
On 19/12/12 17:07, Mikael Abrahamsson wrote:
> On Wed, 19 Dec 2012, Jon Lewis wrote:
>
>>
>> I'd say it sounds like you've run into a known bug serious enough that
>> TAC's been told not to say anything about it other than "known bug,
>> nothing to see here" until cisco gets around to doing an official
>> security advisory and has gotten the fix out to all the larger
>> customers they care about [more than you].
>
> Not necessarily. I've hit numerous times the past year where bugs (not
> security related) have *extensive* internal Cisco documentation (as far
> as I can deduce), but the public information is limited to (often wrong)
> 2 sentence description.
>
> I'd say Cisco has changed policy regarding public bug information. I
> have complained to support/account team, so far without any real answer.
I tend to agree.
About 50% of the time, our TAC cases result in bug IDs. By far the most
common outcome is for those bugs to be "protected" - no-one (including
myself) can see the contents, and you get some spurious message about
"proprietary customer information" and told it will be visible "soon".
This never happens - most of my bugs remain invisible indefinitely.
Threatening to force the TAC case open until the bug is visible doesn't
work - eventually they just close the case (at which point I think long
and hard about "all ones"ing the bingo).
Like yourself, we've complained about this, but our account team (who
are very good in many respects) are unable to offer any insight into
this phenomenon.
Maybe we should start a cisco "bug ID" wiki where we can put info about
the original cause?
More information about the cisco-nsp
mailing list