This, Our Year of Renewal

Allowing official documents to lapse in Costa Rica is a nightmare, which is why I keep close tabs on them. When I saw four items pop up on my computer’s calendar this past January, I groaned. My poor husband asked what was wrong. When I explained, he wasn’t very sympathetic but he never deals with this sort of stuff.

What sort of stuff, you ask. Well, our Costa Rican cedulas de residencia (national ID cards) must be renewed by July and our US passports updated by November. My Washington State and both our Costa Rican driver’s licenses were also due to expire in June… or so I thought.

I traveled to the states in April and renewed the Washington driver’s license. It took two trips to their DMV, because, silly me, I failed to notice on their website that driver’s licensing is closed on Mondays (all other licensing services remain open, however).

It seemed oddly familiar.

I’ve talked about it before, but I will repeat, Adam Gopnik got it straight when he compared French bureaucracies to weight lifting equipment. “Each Ministry is a bit like a Nautilus machine, designed to give maximum resistance to your efforts, only to give way just at the moment of total mental failure.” His point being that the French rarely go to a gym to lift weights or run on StairMasters in fellowship with kindred spirits the way Americans do. Rather, they treat getting things done in any office of the government as an aerobic workout in itself. The same camaraderie Americans enjoy with fellow exercisers, the French get with fellow misérables in the queues. This applies to Costa Rican bureaucracies, as well, although friends who have lived in both places assure me that France takes the prize.

I approached the Costa Rican driver’s licence renewal with some trepidation. My concern: the cards had expired. This happened because of the due dates. I had tracked my US driver’s license, due 06-03-2012, and our Costa Rican licenses, due 06-02-2013, forgetting that the day and month are reversed in the two countries. So, when I set about renewing the Costa Rican license in late May (with plenty of time to spare) I suddenly had that panicky feeling you get when you realize your pocket’s been picked or you’ve misplaced your keys. It was not due in June but due last February!

I’d also read that MOPT/ COSEVI passed new rules for driver’s licenses last year. It used to be they would honor a current license from any other country. All you had to do was get a medical checkup, trot down to the San José office with some money (of course), and they’d issue a license. Not any more. Now you have to be a citizen or a resident with a current cedula (applicants need not apply). Our resident cedulas were up to date, but as I recalled our licenses were pinned to our US passports.

The first trip to COSEVI was strictly recon. I presented our licenses, passports, and cedulas. The portly guy behind the desk never batted an eye. He adjusted his belly, leaned forward, and flipped through our documents, then tossed them back on the counter in front of me. Bring your immigration paperwork showing you were issued cedulas, copies of your cedulas, the dictamen medico (medical checkup), and bank deposit slips for five thousand colones each. He never mentioned the expired license. Neither did I.

It took two weeks and two visits to the office in Limón. I was sure it would be three, the usual number of stabs it seems to take to kill any task here. The rest of that time we spent getting the medical paperwork and finding time when the bank wasn’t jammed with tourists.

The second trip to COSEVI was nip and tuck. We got through two sets of paper shufflers and were waiting in queue when the machine that prints out the plastic cards broke down. Employees bent over the device and probed its insides. Minutes ticked by. Other employees were summoned from paper shuffling to confer.The clock moved closer to noon. Finally, they called over the woman who’d processed our paperwork. She flipped up covers, un-battened hatches, and reached deep into the organs of the beast to retrieve a jammed card. More levers flipped, shutters clattered shut, and—bing!—it was online again.

We have an appointment in June to renew our residency cedulas, and then it’s on to the US Embassy.

Two down, two to go.

By November I’ll be buffed up like a veteran weight lifter.

[This essay originally appeared in The Costa Rican Times, May 29, 2013.]

Lost Without Translation

Costa Rica News – ”Stop the car!” I yelled at my husband. “Maybe that guy knows where the place is.”This is an all too familiar cry when we are driving anywhere in the Central Valley. We are both excellent drivers, but the bulk of the driving has fallen to him. I invariably ride shotgun, acting as navigator, and that involves asking for directions more often than not.

The man I spotted had what I look for when making inquiries. He was older, trimming a big red bougainvillea that overflowed from his yard into the street, so I assumed he lived there. And he appeared to own a car. One was parked in his drive, anyway. This last item is almost essential, because, with luck, the directions he gives will be for a driver and not a pedestrian. I’ve gotten those, and we’ve run into one-way streets, alleys, and dead ends. I have used taxi drivers parked by the side of the road. They are great. And on more than one occasion I’ve actually taken the taxi and had my husband follow in the car to find the correct address.

On this particular day we were trying to locate a wrecking yard in San José, Auto Repuestos Hermanos Copher. The address on their website said—no kidding: in San José, La Uruca, Barrio Corazon de Jesus, 800 meters north (road to Heredia) at the intersection of Pozuelo.

This is not an anomaly; this *is* the approved address system of Costa Rica. If you are a local, you probably know right where these places are, but if you are an expat or a visitor, good luck. It’s a bit like directions the old farmer gives when you’re lost in rural America. “Go up this road until you come to the Burns’ place, turn north, and continue on… oh, maybe a mile or two until you get to the corner where that old oak was hit by lightening back in ’96.”

It’s hopeless. Even if you do follow the directions to a T, you often discover the hypothetical tree is no longer there. For instance, there are addresses that mention the Coca-Cola Building in downtown San José. Coca-Cola moved to another location—across town—years ago, and the building is now a flea market, but many businesses close by still refer to it in their address (From the Coca-Cola building 50 m north and 25 m east, between avenida…). That sort of thing. And the 50 meters north or 25 meters east address makes having a compass in the car indispensable.

We were familiar with Uruca, a section of town known for its traffic jams and the Office of Immigration. I had no idea where Barrio Corozon de Jesus was. I searched desperately on our old, and not very detailed, roadmap as we inched along in traffic.”Road to Heredia,” it said. Okay, I found Heredia on the map. Dot to dot. It must be the road we’d seen at the bottom of Uruca, at the huge intersection that was often a free-for-all of cars and trucks. We needed to turn right at that point, but what in hell was “Pozuelo?” I beavered through my trusty Spanish-English dictionary. No entries.

“We are going to have to turn right pretty soon,” I said. “You need to get over in the far lane.” Easier said than done. Costa Ricans, like the rest of us, are polite face to face but can be rude and pushy behind the wheel. As we edged across two lanes of traffic and a chorus of horns, I became vaguely aware of the smell of sugar baking, something buttery.

I was checking our map when we drove straight past the turnoff. A couple of blocks later we looked for a place to turn around. That is when I saw the man trimming his bougainvillea and yelled at my husband to stop.

I showed this portly stranger the address, and he pointed to where we had come from. He said we needed to turn left for Heredia. “But what is this?” I pointed at the word Pozuelo. He gave a me quizzical look and pointed up and across the intersection. I looked up and saw the huge billboard-sized sign: POZUELO. Of course, Pozuelo, the bakery, the one that makes all those sugary cookies. I thanked him, feeling rightfully foolish, and said I was lucky it wasn’t a snake.

We took another stab at it, made the left turn and headed toward Heredia. 800 meters later, not counting overshoots, turnarounds, and the need for more directions, we found Auto Repuestos Hermanos Copher. They did not have the auto part we needed, but suggested another wrecking yard that might, Repuestos Pana: in San José, North Granadilla, Curridabat, University Latina, 4 kilometers east.

 

My First Boss, A Cowboy Born in the Wrong Century

 

 “Mr Thomas was born May 31, 1915 in Fossil, Oregon, to William and Mary Thomas…. He worked on several ranches in wheeler county and was a professional rodeo cowboy……..” 

Jim Thomas was born in the wrong century for cowboys.

I knew him most of my early life but never knew until his obituary that he served in WWII or that he was a cowboy poet.

What I did know left an indelible mark.

My first memories of him are from the Saturday night square dances my family attended at the Camp Sherman Community Hall. As young girls, my sister and I waited with great expectation for those dance nights. We had rituals about what time we arrived, what to wear, and there were endless discussions about who might, or might not, be there. There were excitements and disappointments every weekend.  If Jim came, he came late, the evening punctuated by his entrance. Whether he was drunk or sober, he made a splash. I remember once there was a commotion at the back of the hall when he tried to ride his horse into the dance hall. I was thrilled someone would do something that outlandish.

He danced the Cotton-eyed Joe like a floating dream,  his bowed legs and cowboy boots tapping out the rhythm— heel and toe, and one, two, three— his strong arms holding some lucky woman at a proper distance as they glided across the dance floor. I remember when my turn came for a dance. I must have turned a crimson shade of red as we swirled around the room, knowing every woman was watching. I was only ten or eleven, but I knew innately—right then—what a dangerous man was long before one came along to break my heart.

Some years later I worked for Jim at Jim’s Horses for Hire. Ending up running a dude string is a bit like a prize-fighter becoming a professional wrestler, I would imagine. He also drove the snub-nosed school bus for the local two-room school-house I attended for a year. I suppose he was trying to be a good husband and father, a free spirit tied down by his responsibilities.

He lived with his wife and two small children about a half mile from the corrals. In fact, he lived right across from the community hall. He rode his horse, Roanie, from his house to work leading my horse along behind so we could round up the rental horses in their pasture. The crisp mountain air stung my nostrils on those mornings, the smell of pine, and that special way that sound travels through cold air woke me up as I waited for his arrival at the corrals.

He would have worn a plaid cowboy shirt that had been through the wash enough times to soften and fade it into a wonderful shadow of its original color. The front pockets were never snapped, and there was always a pack of Camel straights in one. He wore button up Levis’ held up by a tooled leather belt with a silver belt buckle with its brass bucking horse frozen in time. His weathered old boots were not fancy, just working cowboy boots. His hat was a Stetson, no other kind was acceptable. It was black, but with a sweaty grease ring around the bottom third, mixed with dust, dirt, and grime that made it seem a kind of dark brown fading into black at the crown. The brim was weathered and tipped down so far he had to cock his head back to look you in the eye. He always had it on unless he was being introduced to a woman. Then he would remove it politely with a nod.

He smoked his Camels from the minute he got up in the morning until he went to bed at night. He may have smoked at night, for all I know. He smoked without ever taking the cigarette out of his mouth, and he smoked them right down to the stub. His fingers were stained brown from the tar. I can remember watching impatiently as the ash would grow longer and longer, waiting for it to drop onto his shirt or pants. When the butt was short, the smoke would begin to drift up his nose setting him off into a fit of coughing that would force him to remove it until the spasms subsided. Like all smokers, it was worse in the morning. I could  hear him coming a good ten minutes before he got to the corrals.

A gifted horseman, he  knew whether a horse was giving its best on any given day, and he respected the work they did. He expected them to work in the summer but wintered them out on a huge ranch in Eastern Oregon where they never saw a human being until spring. Rarely did he send his horses out alone with customers he didn’t know or trust. And that was my job, the guide and protector of the hoses. Sometimes he would ask my opinion of someone who wanted to go out alone with a horse. I never realized it at the time, but he was teaching me to look at people, to assess their character, know whether they were trustworthy.

We spent a good deal of time sitting around that corral waiting for customers and I learned a lot. I learned how to play mumblety peg. I learned how to play coin toss games, how he made tea in an old coffee can on a wood stove. I learned that he drank and kept his stash in the barn where his wife wouldn’t find it. I learned a lot about horses, trimming hooves, about tack, about using turpentine on wounds as a disinfectant, and all along, I learned about people.

I have never understood how someone could walk into a corral with an old cowboy like Jim and try to convince him of their equestrian skills, but they would. Usually, these same people would try to mount the horse from the wrong side, or claw up the side of the horse as though the saddle were a life line. Once on board they had no idea how long the stirrups needed to be, or even what they were for.

Jim had a horse he kept for special occasions when someone rubbed him the wrong way. I suppose you could call Bar-S a Palomino, although he was a far cry from the version we all think of: the beautiful golden color and flowing blonde mane and tail. Bar-S was more albino than Palomino, blue eyes surrounded by reddish pink eyelids and white lashes, a washed color that looked more like a worn coat than gold. He had a sullen and shrewd look, evaluating you the minute you walked into the corral. Bar-S, was his name because of the brand on his left shoulder, but Jim called him “The Pig” because of his demeanor and for Bar-S Bacon®, popular at the time.

Sometimes Jim would let a particularly arrogant rider go out alone, especially if he was trying to impress his friends. Inside the tack shed, out of earshot of the dude, Jim would turn to me, an evil grin on his face, choking on a bit of smoke drifting into his nose. “Saddle up the Pig, Sarie,” he’d say. Once The Pig was saddled it was the rider’s turn to try and get him out of the yard. This was particularly humiliating as his friend’s horses would dutifully head out of the yard on their well-known track. The Pig wasn’t having any of it. Kick, and he would back up. Kick harder and he would back up faster. Sometimes, he would back up under a little loafing shed trying to scrape the rider off under the low roof. He would jam himself into a corner and just dig in with every kick, crushing the rider’s leg against the corral rails, or until the rider was forced to ask for help. The Pig always came home dry. No one would run him into a lather.

I worked for him throughout high school, and then our worlds grew apart. I was in the whirlwind of my youth, gobbling up life as it came at me.  I never realized that Jim’s life was in a steep decline. I guess life was gobbling him up. Years later I got word that he and his wife had gotten a divorce, and I went to see him once when I was in my twenties with children of my own. He was living the lonely life of an alcoholic by then. I made some sorry excuse about getting home with the babies. That was the last time I ever saw him, but I have never forgotten those years together. I know that whatever insight I have into people comes from the years I spent with Jim in that corral so long ago.

[This post was inspired by a writing prompt from The Scintilla Project, offering a fortnight of storytelling. Follow this link to find out more, or click on their badge on the right hand menu.]

Hackers, Bots, Bluehost, and Me

Last week was the hacker week from hell. First, I got an email notice from my web hosting service, Bluehost: “Your website has been shut down due to violations of the terms of service agreement.” WTF?

Next, I went to my website and discovered, sure enough, it no longer existed. This prompted an international phone call and a conversation with the terms of service folks at Bluehost. They muttered to themselves more than to me as they looked through the files of my account. “It appears you have malware files on your website,” they said. “We’re putting a file in your Bluehost account so you can look at it and identify any malware files. It’s called malware.txt. After you have cleared out the suspicious files we will reinstate your blog.”

Whoa. Malware files? How would I know a malware file from a bien-ware file? And how do I find this file you have put into my Bluehost account? Obviously, I had a lot to learn about a) my Bluehost files, b) malware and hacking, and c) what to do to protect myself in the future.

But, first I wanted my blog back. The Terms of Service people sent me over to Technical Assistance and we looked at the malware.txt file together and established that the problem was a corrupted theme.

So, here is my first piece of advice, do not upload free WordPress themes. You get what you pay for, as they say, and sometimes when you do not pay, you get a lot more than you bargained for.

After deleting all the theme contents, Bluehost activated my blog again. The site was up for three hours, more or less, then I got messages from Facebook friends telling me it was down again. More international phone calls.

This time Technical Assistance told me more than half my WordPress scripts were missing or altered in some way. As the man poked around in my files he advised me to brush up on security. “How comfortable are you with WordPress at this point, would you say?” Not good enough, obviously. “Well,” he said, “I don’t feel good about keeping this website up and running with its current configuration.”

We discussed the options. Not many. Then he uninstalled WordPress, sending my eight-year-old blog, all of its 170 plus posts, comments, photos, and files off into the ozone. As he was doing this he explained the new hackers of today are mostly Bots, a shortened term for robots, or servers, that endlessly probe sites looking for weakness. “They will often change scripts and codes so that visitors to your site are automatically redirected to another site.” Vigara sales or penis enlargement sites came to mind, although the most frequent spammers I see are selling Gucci bags, probably knockoffs. “Any usernames or passwords the Bot collects are gravy for the hackers. They love to get a password because people very often use the same one or similar combinations.”

Then he sent me a couple of emails with security suggestions which I will now share with you.

• First, back up your blog and database on a regular basis. Fortunately I had already done this and it saved my blog from virtually vaporizing. We were able to reinstall WordPress and bring my blog back from the great beyond— with a few fits and starts all the posts, comments, tags, links, and photos were saved to live another day. In the Bluehost C-Panel under “Files” find “Site Backup and Restore Basic.” There you can program Bluehost to backup the site and the database on a regular schedule.

• Install a security plugin to WordPress. The techie mavens at Bluehost suggested Better WP Security. I have installed it, changed all the recommended settings to either blue or green, indicating heightened security. The red links show vulnerability. The nice thing about Better WP Security, they warn you if changing certain settings will interfere with themes. So far it has locked out at least 20 people trying to log on as admin to my account. I am regularly notified by email about updated files and plugins so I can check to make sure I was doing the edits, not someone in, say, St. Petersburg, Russia—nothing against Russians in general, but that’s where the ISP originated that I blocked permanently for abusing login rules.

• Akismet, of course. This plugin scans and blocks spammers from posting on the blog. I had this amazing plugin before the mass attack, and over the five years with WordPress, it has blocked some 75,000 spam comments. I call that a working plugin!

• Read about security and the issue. I cannot stress this enough. I learned so much from the Bluehost people and the links they sent. There are sites that will auto-scan your website for malware and it’s free (of course ongoing, increased security is a monthly fee, but a quick scan costs nothing).

Try one of these two:

Clearing House

Stop Bad Ware

Other suggestions Bluehost sent me:

Recommended Themes:

Weaver II
Yoko

I have Thesis Theme, which is secure and safe. It also costs money.

Recommended Plugins:

Akismet
All in one Favicon
Better WP Security
Blog Copyright (by BTE)
Google XML Sitemaps
Jetpack
Page Comments Off Please
Send From
Strictly Auto Tags
Sucuri Security – SiteCheck Malware Scanner
TentBlogger 404 Repair
Theme My Login
WordPress SEO by Yoast
WP Smush.it

Increase Speed and Efficiency of WordPress

Occasionally when your site gets a large number of simultaneous visitors the site could appear down due to the overwhelming number of php processes running on the server. There are a couple of ways that you can combat this. You can install a caching plugin, like W3 Total Cache, or Super Cache. I have found these to sometimes slow a WordPress Site down even more, and when I have gone to remove them I have found that I had to rebuild my websites. Another option is to make use of a service like CloudFlare. My sites have access to CloudFlare through my hosting at HostMonster. CloudFlare provides the same type of caching as the caching plugins.

I will add, here, that I signed up for Cloudflare and had all manner of issues with 404 error messages. Not sure what was causing it, but I signed off that service for now.

WordPress like all database driven websites is vulnerable to attack through vulnerabilities in the code. Since WordPress will always have vulnerabilities it is important to keep WordPress, the plugins you use, and themes updated, and your passwords secure. One part of securing a password is to use a strong password (8-12 characters long with at least 1 uppercase letter, lowercase letter, number, and symbol). I have Data Guardian which has a password generator which I can copy and paste. No need for keystrokes for the hacker to follow.

Steps to Secure a Site

Remove files you are not familiar with.
Keep code updated
Remove unused scripts
Monitor file permissions
Hide configuration files
In the php.ini file make the following changes:
Set ‘register_globals’ to Off.
Set ‘display_error’ to 0 or Off. (You might ask, but I found my ‘register_globals’ and ‘display_error’ were already set as recommended. You could ask your web hosting service what their policy is.)

Remember to confirm all user inputs. Items on Forms, in URLS and so on. Remember to make use of access Control. Keep users away from admin areas, and other places they do not need to be.

For this I created a CAPTCHA form for people trying to log in as admin, which is no longer called “admin” but a personalized name. The plugin I use, SI CAPTCHA Anti-Spam, can lock someone out for a time after three attempts. I quit using Si Captcha because the hackers (sigh) changed the code and ultimately blocked me from signing into my own website. Bluehost got me back in, but what a pain. I now use the WordPress CAPTCHA plugin.

Make use of .htaccess to block known bad users, or the IP ranges of countries that you do not want accessing your website. Better WP Security is able to add some black list ips to your .htaccess. You can also make use of some free services create code for the .htaccess file to block access to certain countries. This may be useful if you see attacks coming mostly from certain countries and you do not need traffic from those countries this can be a useful tool to protect your site.

Actually, Better WP Security plugin does this for you. Once they send you a notice of abuse, you can copy the ISP and put it on a Ban Users list. I know the hackers like to move around and we cannot foil them 100% of the time, but I’m working on it!

I cannot say enough good things about the people at Bluehost. They were polite, helpful, and did not treat me like the complete idiot I am sure they thought I was. If you are looking for a web hosting service for your website, look no further. Bluehost is the one.

So, I hope some or all of this helps you. I am so grateful for a wonderful team over at Bluehost, and that I had the sense to back up my files and database. I do keep all my posts in my Scrivener project titled Blog Posts, but the idea of reposting 170 plus posts was daunting.

Bottom line: Back it up! Lock it down!

Photos credit: Hackers Release Data-Stealing Program to Push Google to Plug Holes …phandroid.com