Home » Forums » Discussions » E-Business and E-Commerce - General Discussion
» Closed Successful?

Closed Successful?

Closed Successful?
18 Sep 2009

When a ticket is considered "closed successful" do you simply ignore any further replies to it? I have sent 2 emails in the past week to a ticket that I do not consider "closed successfully" and I have not received a response or even an auto-reply, and my emails do not appear in otrs.

From: CO, USA
Closed Support Tickets
21 Sep 2009

When you reply to the email ticket (leaving the subject unchanged), the support ticket will be re-opened in our system.

Please provide us with the specific support ticket numbers so we may check this for you.

We apologize for the inconvenience.

From: ISR
re-submitted
21 Sep 2009

It was ticket #2009090810019371. But I just submitted a new ticket in response, #2009092110016134. And I've received the auto-reply.

From: CO, USA
Double Checking
29 Sep 2009

Hi Jeff,
Just wanted to check if you got sorted out.
 
Regards,
Derek, Plimus

From: ISR
Yes and No
2 Oct 2009

I got a reply to my new ticket, if that's what you're asking. But I am still very dissatisfied with Plimus' response to the security issue which these tickets regard.

From: CO, USA
Security issue? Who is at
2 Oct 2009

Security issue? Who is at risk? Plimus, vendors or customers?

From: GBR
exploit
2 Oct 2009

The security exploit makes customers' personal information available (including addresses, phone numbers, partial credit card/payment info) and vendors' license keys provided to the customer.

I've been discussing this issue with a security expert and he has told me that this is something that should be fixed immediately. He has also said that he is willing to use his connections to apply pressure to Plimus to fix this. So if I don't hear anything regarding this issue soon, I will have to give him the green light.

From: CO, USA
Plimus Assistance
4 Oct 2009

Hi,
Just to let you know I am having this issue revisited at a more senior level our end, and we will be back in touch with you through the Vendor Support system.
Thanks,
Derek, Plimus

From: ISR
Still waiting.
27 Oct 2009

Still waiting.

From: CO, USA
Update
28 Oct 2009

Hi there, 
Engineering have confirmed that this problem has now been fixed and that current order information items are now not trackable through web search.
Thanks,
Derek
 
 

From: ISR
sigh
28 Oct 2009

Why do I feel like we're running in circles on this issue? I am aware that you feel you have met your obligation regarding this exploit by preventing google from caching these pages; however, there is still a backdoor that allows anyone to access vendors' license keys. I thought that was what you meant when you said you moved the issue up to a more senior level.

My recommendation was to simply remove the license key from these web pages. Why is this not an acceptable solution?

From: CO, USA
Update from Plimus
15 Dec 2009

Just to confirm that for our next release the order information page will only be viewable by customers logging in with the email details used on the purchase for the relevant items.
 
This should be live early next month. (I have indicated this elsewhere on the Forum but should have done so here as well).
 
Thanks,
 
Derek, Plimus

From: ISR