innismir.net

In the words of the late, great, Irving Snyder, WA1ETG SK, I have a “tale of woe.” As always, as an employee of the fantastic Commonwealth of Massachusetts, the opinions of this website are my own and not the view of my employer or anyone else.

Late in August, I was in a rush on a Wednesday and couldn’t change my five dollar bill for ones to pay for parking. With the MBTA, they have something called an “honor box” in which you pay your $4 parking fee into a small slot numbered with your space. “No worries…” I said to myself, “…since I am in a rush, I will eat the late fee and just pay them when I get a violation notice.” A brilliant plan, correct? It was, I’ve done it before. Also, since I knew I was likely going to face the same problem on Friday I was just going to pay $10 with the Friday violation notice. This plan crashed to earth when I got the Friday violation notice:

Can you spot the key difference between these two notices? According to the 8/21 notice, I have 8 outstanding violations. This is impressive, as with every violation notice previous to this, including the 8/19 notice, hasn’t included a peep about any kind of outstanding violations. So, I place an e-mail to LAZ Parking, as they suggested on their voice mail greeting, to ask them how the heck this happened. They politely provided me a spreadsheet showing that I hadn’t paid my violations numerous times since they took over.

Slight problem: I did pay them.

I’m no angel. According to the spreadsheet I had 16 violations since December 1st. However, I have been extremely thorough in paying my violations since the parking fee increase, specifically because I knew that $5/pop could add up quick. While I cannot specifically say “Oh, hey, I paid that violation on June 23rd.” (Because really, who remembers that?) There were two violations that I was sure I had paid. Also, apparently, I did possibly owe them $2.75 from a violation in December. I won’t even attempt to remember that.

So, I ask them how I can contest it? Well, simple, I just tell them which spot I parked in during those dates and they can check.

Slight problem: There is not assigned parking at the MBTA.

With the MBTA commuter rail, each spot is numbered and that’s the number you pay for. However, it’s first come first serve. Most days I usually get a spot in the between 50 and 100. But really, I now have to keep track of which spot I park in on a daily basis just in case LAZ says I didn’t pay? What? I explained this to the CSR and after following up a week later asking them if there was any movement on this she reiterated she needed the numbers.

This brings us to today.

I give up.

That’s it MBTA, you win. You’ve created a system where you can tell people they owe money and they have little to no recourse. You have a cash system, someone can have no proof they paid on random dates and in order to contest it, you make them jump through nearly impossible hoops. I give up. I am bending over and taking it.

So, now, in order to cover my ass:

• I will be paying my outstanding fee with a check, probably hand delivered, and I will get a receipt.
• Further violations will be paid with via a check, as suggested by LAZ, and I will be keeping the canceled checks on record.
• After I get the canceled check, I will be following up with LAZ to make sure they credited it to my account.

Plus, just to add insult into injury halfway through the back and forth with LAZ, I get this on my windshield:

A $15 ticket because I was parking in the lot with an “outstanding balance”

Thanks, MBTA.

Tuesday, work had some training for some $FAIRLY_EXPENSIVE_SECURITY_SOFTWARE. Training required us to install one of the desktop versions of their product (which was passed around on a USB stick. </facepalm>)  and required a license key. The trainer walked around to my laptop and set up a key. My paranoia is peaked when someone uses an computer with my account, so I watched him log in to the webpage with the key generator (OK, I averted my eyes when he typed his password, that’s a common courtesy), generate the key, made sure it worked, and moved on the the next laptop.

Did you notice the missing step? Allow me to show you what was still up on my screen behind the software (censored to protect the guilty):

Click for Larger

Click for Larger

License Keys anyone?

Being the upstanding citizen I am I took my screenshots and logged out. I could have, however, generated a nice stretch of license keys for the next few months for my own personal use. Considering the amount of money the software costs, these keys would would have saved me a pretty penny.

There were four mistakes here, all small, two of which could have been fixed in the design phase of the application, two of which were the trainer’s fault.

1. Trainer using a unknown laptop to log in to a secure site. Good thing I didn’t have a keylogger or something.
2. Application not having a some kind of system that would allow me to submit for my own key and have the trainer approve it.
3. Trainer not paying enough attention to log out.
4. Application not having some kind of oversight so that if I…. uhhh… I mean someone… did compromise the trainers account, I… er… he couldn’t create a bunch of keys.

I will give credit to them for some restrictions that kept this from being an epic fail:

1. 30 days was the longest period I could generate a key.
2. It would likely had my fingerprints all over it.
3. I believe the key could be revoked on their end.

That being said, it’s still an interesting example on how a series of small mistakes can cost an organization. Not that it did in this case, but how often do we hear about a bad system allowing a breach of sensitive data? A secure system requires both proper design and diligence of the users. In this case, unfortunately, they all clicked to allow the possibility of someone making off with the goods.

I take the magnificent MBTA Commuter Rail twice a day to get to and from my job in Boston. I pay $250/month for this privilege, plus, the MBTA makes me pay $2 a day to park in order to take the train. Recently the MBTA decided, partially because it can’t balance a checkbook, to up the parking rate to $4 a day, a 100% increase. You know, because people are swimming in money right now. Anyway, since I have no choice, myself and other riders have ince resigned myself to this fate, and just have thought of doing evil things to the giant banners that appeared at the parking lots at the start of November.

Imagine my surprise this morning when I saw this sign posted above the collection box this morning:

$3! I was in shock! I had heard nothing about this! Had the T had come to its senses and made a more reasonable increase? I was pleased, but my hopes were quickly dashed when I looked 3 feet to the right and saw this sign:

Uhhhh… What? How much will it be MBTA? You have conflicting signs not even 3 feet apart at this station. Which one is correct? I did some research, and after looking at the MBTA Parking Increase FAQ I see no mention of a $3 rate at commuter rail spots.

What say you, MBTA?

UPDATE (11/13): As of this morning, the “$3.00/day” sign is gone, proving that the MBTA was just playing a cruel joke on half-awake morning commuters. (I keed! I keed)

I make an effort to regularly check out the National Hurricane Center daily to make sure I know where the storms are going. This is what greeted me this morning:

Click for larger

*sigh*

Looks like I’ll have to make sure everything is charged up Saturday… C’mon cone of uncertainty, shift right!

From the Boston Globe (Emaphasis Mine)

A junior at Needham High School posted students’ schedules and identification numbers and teachers’ classroom rosters on his Facebook account after hacking into an online student information system, school officials said yesterday.