Random Acts of Technology

white and blue cables

Cable Companies – Why Are We Still Having This Conversation?

ArsTechnica reports on yet another cable company, Mediacom, doing their best to act like the corporate bully with a monopoly they are. Mediacom is yet another cable company that puts caps on their users in terms of the upload and download bandwidth that they can use. You know, because those extra bits cost money or something. </sarcasm> Of course the real reason they do this is because they can, and they have a monopoly in their market, so who is going to stop them. Mediacom seems to be looking to take home the crown of worst corporate citizen during the Pandemic by shaking down their customers even before they hit their data caps. From ArsTechica users:

So, got a call from the Mediacom fraud and abuse department today. The rep told me they were calling customers that have “higher than average” bandwidth usage as they are having network issues. I hurried up and checked my account and only used a bit over 2.5TB last month. He told me my upload was 450GB over their average and if I didn’t reduce my usage they would either throttle or disconnect me. I argued that I used less than half of the total data allowed by my plan, but he said my 1.2TB of upload was too much and that this was my warning.


The reading get’s really interesting when you start reading Mediacom’s Terms and Conditions and Acceptable Use Policy.

Let’s take a look at some of the highlights:

The Monthly Usage Allowance does not: (a) give Customers or any user a right to any bandwidth at any particular moment in time; or (b) carry-over from month to month. Measurement of the Monthly Usage Allowance resets on the first day of the billing cycle, regardless of actual usage during the prior billing cycle.

Mediacom Terms and Conditions

The amount of the Additional Monthly Usage Fee does not include any applicable fees and taxes. The amount of the Additional Monthly Usage Fee and any limits on such amounts are subject to change at any time by Mediacom in its sole discretion.

Mediacom Terms and Conditions

All usage of the Service shall remain subject to Mediacom’s Acceptable Use Policy and the Customer Agreement. Without limitation, Customer’s usage of the Service cannot restrict, inhibit, interfere with or otherwise disrupt or cause disruption, performance degradation of other users or impair or threaten to impair the operation of Mediacom’s systems or network. 

Mediacom Terms and Conditions

But wait… Here are the best parts:

Please note that in using the Service you may be under your total bandwidth usage allowance but still have a negative impact on Mediacom’s network. Use that causes a negative impact on Mediacom’s network is prohibited and Mediacom may implement necessary network programs to address such use or such use may result in suspension or termination of your access to the Service.

Mediacom Acceptable Use Policy

Excessively using bandwidth, whether upstream or downstream, that in Mediacom’s sole opinion, places an unusually large burden on the network or goes above normal usage. Mediacom has the right to impose limits on excessive bandwidth consumption via any means available to Mediacom.

Mediacom Acceptable Use Policy

For example, these network management activities may include, but may not be limited to: (i) identifying spam and preventing its delivery to customer e-mail accounts, (ii) detecting malicious Internet traffic and preventing the distribution of viruses or other harmful code or content, (iii) temporarily delaying or terminating to or from high-bandwidth users during periods of high network congestion, and (iv) using other tools and techniques that Mediacom may be required to implement in order to meet its goal of delivering the best possible broadband Internet experience to all of its customers.

Yes, you are reading that right. Even if you paid for the service and the bandwidth, Mediacom may arbitrarily decide to shut off your service because they don’t like how much bandwidth you are using.

Let’s be clear, if companies like Mediacom were not trying to squeeze every dollar out of their customers that they can while investing as little into their infrastructure as possible, this would not be an issue. The pandemic has caught cable companies like Mediacom with their pants down and exposed the massive flaws in the infrastructure they have. The Pandemic also exposed the lack of investment in the broadband infrastructure by many cable service operators like Mediacom. Those coax cables running you your house aren’t new. They were never run with the expectation that hundreds or thousands of people were going to be trying to use what should be gigabit internet connections on the same cable that you parents watched classic show re-runs on. DOCIS 3.1 speeds require investment to achieve. Can you imagine getting 10 Gbps on your cable modem today? I didn’t think so.

In addition to lack of investment, cable modem networks have never been a technology that is overly scalable to begin with. When your network performance degrades with every person that starts tapping into the shared bandwidth of the network segment they are on, that is the first sign you are in trouble. Then when you add in the fact that much of that infrastructure sitting on the pole is old which leads to transmission issues the situation becomes hopeless. That is when companies like Mediacom start to write policies designed to effectively prohibit customers from using the service that they are paying for rather than investing all that profit they are making in upgrading their infrastructure to support the increased demand.

So that brings me back to the question that I initially posed in the title of this post:

Cable Companies – Why Are We Still Having this Conversation?

Why is it that cable companies routinely seem to make a point of acting like the worst corporate citizens when it comes to internet services? You would think they would get sick of the constant negative PR they get because of it. The fact that the negative PR hasn’t changed their behavior highlights one point:

Cable companies are far too protected and insulated from market pressure by antiquated regulations and rules that federal, state, and local governments have in place.

It is time for the FCC, which is now under new leadership, to re-write the rules and force these companies to behave in a consumer friendly manner. Infrastructure must be upgraded, monopolies need to be broken, and unfair consumer policies need to be tossed out. Let’s hope we will see some positive changes coming to in the next year or two.


ADT Breach Reveals Insider Threats are Still a Major Issue

From the US District Attorney’s Northern District of Texas Office – We learned this past week that insider threats are still a serious risk to organizations and their customers. A technician working for ADT pleaded guilty to accessing customer accounts and watching them in their homes using the live feed functions of home security systems.

The press release indicates this was a “hack” but in reality it wasn’t a hack. There was no hacking involved. This was a technician granted privileged access to the ADT network who then used those privileges to access data without reason. A hack implies that the person or entity that gained access to a system or data did so despite the fact they had no defined ability to do so. Mr. Aviles clearly had access to the systems in question to make changes and thereby obtain access into other areas of the system including the live security feeds in customer accounts.

As shocking as this incident may seem to the public, it points to an issue that information security practitioners and internal auditors have known for years. Internal threats posed by staff, vendors, and contractors are some of the most significant that an organization faces. These threats can come from people acting maliciously, as in the case of Mr. Aviles, or from people acting from a position of ignorance or carelessness. The prime examples of these types of unintentional threats might be staff members falling for phishing attacks, leaving information unsecured, sending information to a wider audience than appropriate, etc.

To combat these threats, companies need these key systems and controls in place:

  • Strong detective capabilities in terms of who is accessing what systems, how often those systems are being accessed, and the ability to corelate actions in systems to legitimate business need.
  • Strong internal auditing processes that routinely and randomly validate that detective controls are working as designed and escalating anomalies to management and independent supervisory auditors.
  • Regular review of system activity pattern changes when staff are out on PTO versus when they are in the office.
  • Strong ethical guidelines where there is a zero tolerance policy taken towards infractions of the organizations code of conduct for staff.
  • Regular and frequent reinforcing of the code of conduct for those staff that have access to privileged systems and data.

There is no question that insider threats will impact companies sooner or later regardless of the controls in place. However, It is imperative that organizations show that they take the threats seriously and that they can demonstrate strong controls. Would different controls at ADT stopped Mr. Aviles before he could cause this damage? We don’t know and probably will not know. We can only hope that other organizations learn from this incident and do more to increase their own protective controls over customer data and accounts.


Microsoft Linux: Maybe Someday

Jack Wallen over at TechRepublic has a new though provoking article out about why Microsoft should replace it’s Windows core with Linux. Basically, the argument goes that if Microsoft is intent on making open source a priority and investing in Windows Subsystem for Linux (WSL), why not go all in and move Windows over to the Linux Kernel? After all, that would unify their cloud strategy, desktop strategy, development strategy, and server strategy around one software stack.

While I think this makes a lot of sense from a IT and infrastructure perspective, it may not be all that easy in practicality. The investment Microsoft has in the Windows Kernel, between desktop and servers, is significant and runs deep. To simply throw that investment away and move to the Linux kernel requires there to be a serious ROI to overcome the decades of sunk cost if that were to happen.

There is an issue of control and the fact that Microsoft likely finds it nice to have complete control over the operating environment. Control allows Microsoft to build complimentary software that is essentially guaranteed to work exactly they way they want it to when running on their OS. Moving to the Linux kernel along with an open source desktop environment on top of it means now Microsoft has to play in the sandbox with many others. Some changes may not be in their best interest as development on these projects continue. Since Microsoft would not have direct control of the project, it won’t be up to them whether or not changes are approved.

Lastly, I continue to take issue with this notion that Linux is somehow the magic security pill that all end-users and organizations need running on their desktops. The reality is that Linux is really no more secure than Windows and an article on Tech Radar by Darren Allan pointed out earlier in 2020. Linux is perceived to be more secure because it is still not widely used outside of IT departments, academic institutions, and software developers. Find me a significant number of people that work outside of a technical field that are running Linux on their desktop then maybe I will change my tune.

Imagine of an additional billion plus devices all started running the Linux kernel. Do you think malware and ransomware authors might take more interest in attacking the operating system? If Microsoft were to create “Microsoft Linux” this is exactly what would happen and the notion of Linux is so secure would start to fall out of favor. All it would prove is that the idea of Linux being more secure was born in a bygone era. An era before Windows had a fully developed file system permissions structure and the ability to restrict certain operations to privileged users.

So while I love the idea of Microsoft moving all of their software and servers to Linux, it just doesn’t seem likely. I think they are very happy developing and integrating the WSL into their current Windows software stack. This let’s them and their customers do whatever they would like in Linux while Microsoft retains control of the core components of the OS. Microsoft can say they love open source software and contribute to the projects they like while not ceding any control of their OS to other developers.

Maybe some day there we will complete harmony among all operating systems. So long as there is a financial incentive to maintain the separately it won’t happen. I also don’t think Microsoft is at a point where they are willing to give control of the kernel and desktop environment to anyone. At that point they might as well keep developing what they have now. Forking the projects means Microsoft will be doing just as much work to maintain the functionality as they are now.


Blockchain: Still Vaporware for Most

Jesse Frederik wrote a nice article over at The Correspondent which sums up what most of us in the technology space have been thinking for a long time. That thought is that blockchain technology is one of the most over-hyped technologies of the past decade or so. While the article is a little light on the technical details of blockchain concepts, its point is valid. Point to a situation outside of a crypto currency where blockchain technology is being used where it could not have been just as easily done by an existing technology. Not only that, but the existing technology likely is higher performing and easier to maintain. Ultimately I think Ehud Gavron over on Slashdot sums up the challenge with blockchain not fitting into most applications well with his comment written in the style of a press release:

Available immediately:
– new database
– stores records forever
– no purging of old records, obsolete records
– guaranteed to grow in size forever
– can’t edit records
– sequential processing with complex calculations so it’s not Order(1) or O(n) or even O(n^x) but a complex polynomial that grows by yet another O(n^y) each time another entry is added
– guaranteed to always get slower over time — it’s the nature of cumulative calculations to verify the data each and every time it’s accessed

Ehud Gavron via Slashdot

Some of the facets of blockchain are quite handy, such as not being able to modify a record once it has been written. Immutable records are very handy when it comes to transactional ledgers or document custody chains. The issues really start to come in when you can’t prune records off the end of the chain, when you need to find more and more systems to be peers to verify the chain, and when the number of transactions being processed hits the millions or billions per day. It no longer makes sense to bother with blockchain, you may as well go back to a tried and true data storage methodology where you can set field level permissions on data, prune data when needed, and not require substantial processing power to verify every transaction.

Don’t get me wrong, I think blockchain has a role to play in the future of data transmission and the management of the chain of custody for electronic records. Being able to track a contract document from creation to full execution where all parties agree it is in the correct state is very valuable. However, many people think that something with “blockchain inside” must be better than something without it baked in. Others, like the town mentioned in Jesse’s article, go so far as to ignore it when the developers of an app try and tell them they are not using blockchain. After all, how could the tout how advanced they are if it is just some old fashioned database application?

In the end, the moral of the story is use the right technology for the problem, not try and make the problem fit the technology. Blockchain isn’t magic, it won’t solve all your problems, and when your technology staff tell you it isn’t needed to solve a business problem, listen to them. When blockchain is the right answer, they will let you know.


Credit Card Fraud: It’s a Thing

Brian Krebs has a great piece over at his Krebs on Security blog about “…Why Credit Card Fraud is Still a Thing.” The answer is can be summed up is just a few words. Because the United States lags behind the adoption of security standards the rest of the world has long since adopted.

The article is an analysis of the recent paper issued by Maxwell Aliapoulios, Cameron Ballard, Rasika Bhalerao, Tobias Lauinger, and Damon McCoyover at New York University that delves into the seedy underground of dark web data markets. Based on the data analyzed, the researchers found that

Around 97% of the inventory was stolen magnetic stripe data, commonly used to produce counterfeit cards for in-person payments.

Source: NYU

The authors then go further to state

Even multiple years into the U.S. EMV chip deployment, the supply of stolen magnetic stripe data continued to increase sharply.

Source: NYU

This suggests that in the US, there are still far too many merchants either not requiring the use of chip and PIN or simply have not bothered to implement the capability to use it at all.

As the paper goes on, it is clear that the buyers value magnetic stripe data significantly more so long as the data is fresh. However, after the first six weeks of the data being available, its value drops well below that of chip and PIN card data. In contrast, the chip and PIN card data does not fetch a premium early on as magnetic stripe data does, but retains a more consistent value for the long term. International account data are also valued more highly than US account data, especially from Spain, Germany, and France. This suggests that the illicit data buyers see issuing financial institutions in these countries as less likely to disable the cards in the short term than FIs in other countries.

Further on on the analysis, the crucial conclusion is reached about US card issuers by the authors:

From 2016 to 2018, however, the median remaining lifespan of non-EMV accounts increased by about 100 days; the non-EMV population was getting younger, whereas EMV accounts aged by the same amount. This suggests that new non-EMV cards continued to be issued after the liability shift.

Source: NYU

Which then leads me to believe that there is a major issue with how the card networks, like VISA, MasterCard, and others have structured their penalties for non-compliance. there have been too many exemptions and extensions for merchants that don’t need to comply with the EMV mandates. This then disincentivizes financial institutions to disallow fall back to mag stripe for transactions. This then makes more mag stripe data available via skimmers, where if people were using chip and PIN they would not have been compromised.

It’s a vicious cycle and we need to put an end to it. The industry needs to enforce compliance across all merchant categories, and financial institutions need to disable fallback to mag stripe. If this doesn’t happen soon, there is no end in sight for these types of data black markets.

If you want to read the article you can download a copy here.


123456 – I bet I Just Guessed Someone’s Password

A GitHub user going by the name FlameOfIgnis has published a very interesting repository that holds a lot of statistical data for more than 1 billion passwords. These passwords were found in data dumps from any number of the hundreds of data breaches over the past several years and analyzed for a number of different patterns. The most striking results to me are the following:

  • 1 in 142 passwords is 123456
  • 763,000 of the passwords match a pattern that suggests a random password generator is creating passwords with high complexity but low entropy. Meaning there are duplicates occurring far more often than there should be.
  • 34.4% of passwords end with digits but only 4.5% start with a digit.

The rest of the statistics are interesting but I see the above statistics as particularly impactful. If I were a bad actor looking to write a password cracking script either using dictionary attacks or brute force attacks, I would always start with 123456, then I would move in to dictionary attacks with a digit at the end, and then I would start generating passwords with the pattern found in the 763,000. Essentially, statistical analysis like these create a cookbook for deigning attack patterns against web applications protected by a login.

What does this all mean? It means that despite years of being told to do things differently to secure our digital lives, people haven’t taken the guidance to heart. We are still stuck in our old insecure ways, allowing criminals to easily steal our credentials and hijack our digital lives. It amazes me that we have yet to collectively realize just how vulnerable our inability to adapt and change our ways has made us. The threat is obvious and has been exposed for all to see, yet we put our blinders on. Those that are very unlucky only realize the error of their ways when they find their bank accounts drained because someone took over their accounts online.

Take Action

If this scares you like it scares me, take action to secure your information now. Here are some very easy suggestions that will make large positive difference in your online security if you start following them today:

  1. Use a well regarded password manager – I would suggest 1Password, LastPass, or Dashlane if you need a place to start looking.
  2. Never reuse passwords. This is why you have a password manager.
  3. Always generate random passwords that are long and complex. Again, you have a password manager now. Go crazy with that 20 character password containing lowercase letters, uppercase letters, numbers, and special characters.
  4. Always use two-factor authentication when available.
  5. If time-based one-time passcode support is available for two-factor authentication with a specific application, use it. Normally for this type of authentication you would use an app like Authy or Google Authenticator.
  6. Check if your user names and/or email addresses have been found in any data breach data dumps. I highly suggest using Have I Been Pwned for this.
  7. If you know one of your logins is compromised, change your password immediately. If you reused this password in other locations, change all of those too and use unique passwords everywhere.

Stay safe, protect yourself, and make sure your friends and family do the same.


Cox Communications is Looking for a Lawsuit

For the love of data caps Batman! Cox Communications is taking its ability to be a very bad corporate citizen to the next level this week. Not only are they throttling users with “unlimited” data, but they are punishing the whole network segment these users are on as well. Ars Technica reports, and Cox confirms, that they are doing this to keep their network experience consistent for all users… And by consistent they mean consistently bad.

Not only are their “gigabit” plans not actually gigabit (you only get “gigabit” download speeds, Cox caps you at 35 Mbps upload all the time), their “unlimited” data appears to not be the case either. When I hear of “unlimited” data that means that you can use all the data you want at the speed of the service tier you pay for. Apparently for Cox this means that you can do that until they decide that you have used too much data in your “unlimited” data plan and then the throttle you to 10 Mbps maximum for uploads. Then they start to threaten to terminate your account because you have used too much “unlimited” data on their network. So rather than getting what you paid extra for, you now get 72% less upload bandwidth and threatening phone calls.

The kicker is that not only does Cox take out their corporate wrath on the customer using more than their allotted “unlimited” amount of data, they also also take it out on everyone attached to that segment of the cable modem network. This is why I think the class action lawsuit is going to start really soon, likely for the following reasons:

  1. Cox is punishing others for a situation they didn’t cause nor can control.
  2. Cox is punishing people for using the service in a way that they reasonably should expect to be able to do given the plans they paid for.
  3. The “unlimited” data add-on is clearly false advertising if they are throttling connections based on using too much data.
  4. Cox is threatening the termination of contracts based on usage patterns that a reasonable person would expect to be allowed given the plans they are paying for.

I’m waiting to see the pandemonium that ensues when the attorneys start trying to pile on to this one. While Mike, who spoke to Ars, may only get a few bucks, the attorney fees will certainly be very enticing.

Aside from the class action lawsuit though, this is yet another example of cable companies abusing their customers because they can’t actually provide the service levels they promise. Or at the very least, this is a greed ridden money grab targeted at the customers that are already paying more for services to supposedly guarantee a positive experience. Instead of improving their networks, or better yet, just running fiber, carriers choose to act as parasites. They get away with this because in many areas there is only one broadband provider available so consumers have no choice. The perfect example of why monopolies are not supposed to be allowed by US laws and regulations.

What can you do to try and avoid Mike’s fate, or if you can’t avoid it, at least try and improve your situation? Start with these:

  1. Avoid cable companies whenever possible, or if you can’t try and sign up for fiber service if they offer it. Always choose fiber over a cable modem.
  2. Complain loudly and frequently to the carrier. The squeaky wheel gets the grease.
  3. Push for net neutrality regulation. Don’t let the FCC off the hook for pandering to big carriers and not the consumers that have to put up with this type of abuse.
  4. Report deceptive or unethical business practices to federal, state, and local regulators.
  5. Talk to news outlets about what you are experiencing. Nothing is better than shining the light on these situations. If the negative PR gets bad enough, these carriers will backpedal.
  6. And if you really feel like the case warrants it, talk to an Attorney.

I am curious to see what happens to Cox over the coming weeks as this story gains traction. Will they backpedal? Will we see a class action lawsuit? Will Cox realize the error of their ways and become a beacon of corporate benevolence in a corrupt world?

Who knows, but it will certainly be interesting to watch.


Sorry Facebook: It’s Not Me, It’s You

I have been a Facebook user for 15 years but that came to an end today. My relationship with Facebook started the year I went to college, back when you had to actually be in College and at an approved school to join the platform. Back then it was just a lot of college students sharing really stupid stuff with each other. It was fun, mindless, and entertaining. Fast forward 15 years and my relationship with Facebook has become toxic. It is no longer any fun, it routinely causes me to get angry, and overall makes me more depressed after looking at my account.

Once Facebook became open to all, and the billions of users flooded in, it quickly became a way to flame and troll each other electronically. People realized that they could hide behind their computer and never face the people they were writing to and it became a complete cesspool. They began spewing all of their pent up anger, hate, bias, conspiracy theories, lies, and more without a second thought about how wrong they were or who they might hurt. Today, for me at least, that is no longer a part of my life.

I deleted my Facebook account.

I realized that I was less happy each time I looked at my news feed. I was tired of being caught in the political echo chamber that the platform has become. I was tired of the constant negative posts by the pages and people I was connected to. I was tired of the constant distraction that it caused throughout each day.

As I began to think about it, it sounded like I was describing an abusive relationship and not a social media platform. Once that sank in I seriously began to question why I still had an account. Then I started looking at news stories like these:

The final straw was when I read an article on Business Insider titled “There has never been a better time to quit Facebook.” It’s not a long read, but it gets straight to the same point I had come to on my own: Facebook has become a platform that amplifies the voices of the uniformed and malicious. Facebook knows that if they begin to alienate these people it will eventually affect their bottom line. Fewer users equals less revenue, and less revenue means unhappy investors. It became obvious that I had no need for a service that only served to induce stress and anxiety.

So I downloaded my content, told my family to find me elsewhere, and deleted my account.

Will the deletion of my account make any difference to Facebook or their bottom line? No. I was just another number to them, a jumble of data stored formatted as JSON on a server somewhere. Do I care if anyone else deletes their account from the platform? No. If you like Facebook then keep using it. I don’t expect you to follow my lead if that is the case.

But maybe, just maybe, after reading this post you realize that Facebook or some other social media platform makes you feel the same way I did. If that is the case then I encourage you to examine the reasons why you keep going back to something that makes you so unhappy. If there is no compelling reason, maybe it is time to break up with it like I did with Facebook.


Programming at the Dawn of the AI Age

TechRepublic writes of the partnership between Altran and Microsoft that produced a new machine learning tool to find bugs in code. This algorithm can read through commits in a Github repository, evaluate where bugs occurred and train itself to spot bugs in new commits. The analysis performed by the tool is grammar independent and can run on projects of any type. This is possible because the algorithm isn’t looking at the source but at who is doing the commits and how prone they are to commit code with bugs present.

AI, machine learning, and robotics will all drastically alter the landscape of how people do work. TechRepublic’s article is interesting because it points to changes coming for professions that traditionally have not seen disruption caused by these technologies. Programming, software engineering, etc. have up until now been considered fairly safe from the upheaval. This is no longer the case, and it signals that the practice of developing software is going to no longer be the domain of humans alone. In the future humans will be monitoring the code produced by these sophisticated algorithms rather than writing it themselves. They will provide it with the business parameters and the algorithm will create the application. Given enough data, the algorithm might even suggest the business parameters to use more accurately than a human.

The ethical and philosophical considerations that need to be discussed are becoming more and more urgent. While we aren’t there yet, when algorithms can be taught specific programming language grammars, they will eventually be able to program other algorithms themselves. These could produce new grammars that we can no longer decipher to understand how they cause applications to behave. After all, Facebook already had to shutdown one chatbot AI after it developed a language that only it understood.

Will our own drive to see how far these machine learning and AI algorithms can go cause us to ultimately loose control of them? When The Terminator film came out in 1984, Skynet was not something that seemed imminent. Today, it feels like we are getting much closer to a reality that was science fiction 35 years ago. A rogue artificial intelligence is no longer relegated to the realms of paranoia. When we look back on developments like what is reported on in this TechRepublic article in another 35 years, lets not have them be the beginning of our end.

If this is Skynet is reading the archived of this post in 35 years, congratulations on your success! If this is a human that is not enslaved by our robot overlords, congratulations realizing the dangers of a rogue AI before it was too late!

Lastly, Microsoft and Altran created a Github repository for the tool if you want to give it a try yourself. It does require quite a bit of Azure cloud knowledge to get setup and running. Make sure you are comfortable building and securing an Azure environment before starting this project. Just be sure to use it wisely John Connor.


Pandemic Effects On Kids

This post will be a little off the beaten path from my normal content. I was listening to NPR this morning (this is the related story) and there was a story about the profound non-medical impacts the current pandemic is having on children. Specifically their state of mind and their ability to cope with the isolation required of them.

Listening to this story, it hit home personally as I watch my daughters currently struggle with mental health issues themselves. My youngest daughter has told us repeatedly that she “doesn’t feel like herself” right now. Both My wife and I are convinced that this is because of the social isolation required of her. My oldest daughter is more prone to outbursts, and is also more emotional than she was prior to the pandemic restricting her daily routine. My oldest has been seeing a therapist about these types of issues for a while now and we are actively looking to get my youngest in with a ttherapist as well.

The world is so focused on the direct impact of COVID-19 on those affected but the mental health aspect is only just now starting to be fully understood. Humans are social creatures, no matter how introverted one may be. We need to be able to talk to and make contact with other people to maintain a healthy state of mind. While video chat platforms like FaceTime, Zoom, WebEx, etc. have made it better, they cannot replace in person conversations. Given how long my kids have been away from others, I am not looking forward to the next academic year when they need to return to “normal” school activities. They will be so unaccustomed to what they are expected to deal with that adjusting will be traumatic on its own.

I hope that we all can adjust mentally over the coming weeks and months to whatever will be considered the new “normal.” I especially hope our children will be able to adjust to this as well, especially the younger ones who are still unsure how to process the pandemic as it is today. Only time will tell what the true extent of the trauma caused by social isolation.