Earlier this week on The Atlantic, security expert Bruce Schneier took stock of our collective anxieties in the wake of the Ashley Madison hack. Is our online activity ever really private? A reader takes that worry a step further:
In a non-material realm where all data can be fabricated and easily transferred, what’s to prevent hackers from framing people?
The example I keep returning to is Internet child porn. In the case of criminal offenses like that, the presumption of innocence tends to get hindered from the outset by the severity of the charge. The mere accusation is enough to put someone under a cloud of suspicion, or to impeach their credibility. And it seems to me that anyone who can hack a computer network can also compromise someone's home computer to plant files on it.
I have to say, I don’t know enough about either computers, the “cloud,” or the workings of child porn investigations to know whether it’s actually possible to frame someone for information found on their computer that’s put there without them suspecting it. I know even less about how much of a challenge that might present, or how to protect oneself against that vulnerability.
I only know that planting child porn, or terrorism-related information, or participation in some Darknet market illegal business, or adding someone’s personal info to a website like Ashley Madison without their knowledge, seems like an obvious gambit for a dirty trick.
In my observation, people who dismiss this possibility as mere paranoia are people who have never found themselves in the middle of a political controversy, or a nasty divorce, or cutthroat competition in business, or other sorts of professional or personal rivalries. Some people are up for soliciting murder, after all. It stands to reason that a somewhat larger number of people would be willing to ruin someone or eliminate them by planting evidence on their computer—or by hiring someone to do that—in a New York minute. After all, someone was willing to do this.
I’d be interested in learning anything more about that risk that I could find out from other readers.
The fact that many child porn cases are for “receiving” illegal material indicates that arranging for certain kinds of stuff to be emailed to a person might be enough to make trouble for that person. And since we all get tons of spam email offering us adulterous relationships, chemical aphrodisiacs, or genital enlargement, it seems like about 100 percent of people online could be smeared easily if someone was so inclined.
I have no idea how high the bar is set for legal action, but the stories you see in the news often sound like they contain much more outrage than innocence. However, legal action isn’t needed if your goal is to hound, humiliate, and harass some poor person over crap they “received” over the internet.
I’m no computer expert, but I’ve read that a risk of using an unencrypted router for your home WiFi exposes you to someone parking outside your house (or in the next apartment) and poaching your WiFi to access and download material for their own purposes, such as child-porn, which could be traceable to passing through your system.
Indeed, there’s this cautionary tale: “Innocent Man Accused Of Child Pornography After Neighbor Pirates His WiFi.” There’s this quick guide from PC Mag to help protect you from the same fate. Another reader adds, “There was this case in England in 2003”:
Last October, local police knocked on his door, searched his home and seized his computer. They found no sign of pornography in his home but discovered 172 images of child pornography on the computer’s hard drive. They arrested Mr. Green.
This month, Mr. Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers—a so-called Trojan horse—that had infected his PC, probably during innocent Internet surfing. Mr. Green, 45, is one of the first people to use this defense successfully.
As for the question of “receiving” illegal images, I am reminded of the 1967 action of the Yippies, mailing joints to 3,000 randomly chosen strangers, with a letter pointing out that receiving drugs was a federal crime, and they might as well smoke it.
Suffering a data breach is like discovering that someone rummaged through your bag when you weren’t looking. It’s a jarring invasion of privacy, whether the information stolen is as impersonal as a Social Security number or as intimate as years of emails, texts, and pics. For years, The Atlantic has been covering cyberattacks that target individuals, companies, and even the U.S. government—and the ways those intrusions affect personal, financial, and national security. We’ve compiled some of our best coverage in a new landing page, “The Atlantic Revisited: Navigating the End of Privacy,” and below are brief descriptions of those 18 pieces from our archives.
Everything Is Hackable ...
The U.S. presidential election captured the interest of leaders the world over—even inspiring some to try and influence the outcome. The U.S. Intelligence Community accused Russia of trying to manipulate the outcome of the election, but experts are divided on whether the digital interference is just a 21st-century version of politics as usual, or if it represents an unprecedented level of meddling in U.S. domestic affairs. (“What the DNC Hack Could Mean for Democracy,” Uri Friedman, August 2016)
For millions of people in the U.S., the internet went down for hours one Friday in October. The culprit: A botnet made up of poorly secured DVRs and webcams. Someone had commandeered hundreds of thousands of the internet-connected devices, turning them into pawns in a coordinated attack against a critical piece of the internet’s infrastructure. (“How a Bunch of Hacked DVR Machines Took Down Twitter and Reddit,” Robinson Meyer, October 2016)
When the Office of Personnel Management was hacked last year, more than 22 million people had their sensitive personal information—including Social Security numbers, addresses, and, in some cases, even fingerprints—stolen. When the victims got letters in the mail saying their information was taken, they had to reckon with the new risk of identity theft, and take action to protect themselves. (“Your Data Is Compromised. (Yes, Yours.) What Now?,” Kaveh Waddell, July 2015)
An online tool offered by the Internal Revenue Service allows taxpayers to easily check their tax history, but for a while, it didn’t do a good job of verifying users’ identities. Hackers used personal information gleaned from other data breaches to trick the tool into divulging people’s tax documents, which helped them file around $50 million in fraudulent tax returns. The breach was initially estimated to affect about 115,000 people, but after further investigations, the government realized that the victims numbered nearly 725,000. (“The IRS Hack Was Twice as Bad as We Thought,” Kaveh Waddell, February 2016)
Executives and employees at Sony Pictures woke up one day in 2014 to find their dirty laundry posted online—and indexed for easy searching—after a group calling itself the “Guardians of Peace” stole a trove of emails, salary information, and other sensitive data from the entertainment company. The FBI pointed fingers at North Korea, but security experts questioned whether it was possible to know exactly who was behind the cyberattack. (“We Still Don’t Know Who Hacked Sony,” Bruce Schneier, January 2015)
When Ashley Madison, a website that helps adults find extramarital affairs, was hacked, it was more than just mortifying for the millions of outed users. It was an introduction to “organizational doxing,” the practice of stealing enormous amounts of data from a company or government agency and publishing it online, heedless of the collateral damage it will cause. (“The Meanest Email You Ever Wrote, Searchable on the Internet,” Bruce Schneier, September 2015)
A hospital in Los Angeles switched to paper records and started turning patients away after its computer systems were infected with a virus that locked up vital data—and demanded a $3.6 million ransom to return it. (“A Hospital Paralyzed by Hackers,” Kaveh Waddell, February 2016)
Nude photos of female celebrities ricocheted across the internet after they were stolen from the celebs’ iCloud accounts and released online. But despite years of attempts to pass legislation that would slap special penalties on people distributing explicit images of people without their consent—a practice also known as “revenge porn”—only a few states actually have such laws on the books. (“Why Congress Won’t Help Jennifer Lawrence,” Lucia Graves, September 2014)
When Deb Fallows found her Gmail account acting funny one day, it wasn’t just a temporary bug: A hacker had gotten into her account and sent fake distress calls to all her closest email contacts, asking for money. In the following days, Deb and her husband, Jim, went on a hunt to regain control of the account, recover years of lost emails, and figure out just what had happened. (“Hacked!,” James Fallows, November 2011)
How long would it take a fake smart toaster, sitting alone in the massive sea of internet-connected devices, to get hacked? Andrew McGill dressed up a rented server to act like a web-connected toaster to see if any hackers would bite—and watched as the next 12 hours brought more than 300 attempts to take over the fake toaster. (“The Inevitability of Being Hacked,” Andrew McGill, October 2016)
Use a wireless keyboard at work or at home? Security researchers have found that many low-end models don’t use industry-standard security practices, instead transmitting between keyboard and computer with weak encryption—or no encryption at all. With the right tools, a hacker can spy on every email, password, and credit-card number being typed on a vulnerable keyboard nearby. (“Hackers Can Spy on Wireless Keyboards From Hundreds of Feet Away,” Kaveh Waddell, July 2016)
Have you ever been hacked? Were you, for example, one of the 22 million people caught up in the OPM breach? Have you had your email account compromised like Deb’s? Have your photos or other sensitive files been stolen? We would like to hear from you. Please send us a note about the experience to firstname.lastname@example.org and we will aim to post it here in Notes (anonymously, if you prefer).
… So, How Do We Defend Ourselves From the Hacker Onslaught? Here are several pieces that approach that question:
A team of 600 Homeland Security Department employees (and 400 contractors) works with private companies to secure infrastructure and public utilities around the country, from major-league ballparks to water plants to banks. They prepare for attacks that might be delivered by a suicide bomber driving a truck—or quietly over the internet. (“Meet the People Who Protect America’s Critical Infrastructure, Steven Brill, August 2016)
China’s cyber army is one of the top two or three online threats to the U.S., experts say. But the best way to contain the danger may be to work with, rather than isolate, China’s leaders. (“Cyber Warriors,” James Fallows, March 2010)
The two groups most dedicated to keeping the internet safe are sequestered on opposite coasts: the government’s suited and military-uniformed policy wonks in Washington, and hoodie-clad hackers up and down the West Coast. Getting them to work together is crucial, but it isn’t always easy. (“Suits and Hoodies: The Two Cybersecurity Cultures,” Justin Lynch, February 2015)
One afternoon in late October, teams of college-age hackers assembled in a room in Washington, D.C., and assailed a model water-treatment plant with cyberattacks, quickly bringing it to a screeching halt. Recruiters from Uber, Northrop Grumman, and the federal government flitted from table to table, eager to snap up young talent to help secure their own systems against attacks. (“Inside a Hacking Competition to Take Down a Water-Treatment Plant,” Kaveh Waddell, October 2016)
Skilled “white-hat” hackers—security researchers who use their computer skills to protect organizations from online threats—are always in short supply. But to keep them from being lured into illegal hacking, companies may have to be willing to pay out bigger salaries and “bounties.” (“When Ethical Hacking Can’t Compete,” Donna Lu, December 2015)
Apple’s standoff with the FBI over a locked smartphone that belonged to one of the San Bernardino shooters showed off the quality of the iPhone’s security safeguards. Most phones on the market wouldn’t have stood up to the federal government’s attempts to hack them. (“Encryption Is a Luxury,” Kaveh Waddell, March 2016)
Trump does little to hide his disdain for journalists—or his desire to sue them when he disagrees with what they write. It’s more important than ever for reporters and activists to protect their data and communication from prying eyes, but these tips—which touch on encrypted messaging, managing passwords, and browsing the internet anonymously—are just as relevant for our average reader. (“How Can Journalists Protect Themselves During a Trump Administration?,” Kaveh Waddell, November 2016)
In that last piece, I sketched out some ways you can protect yourself and your data from the prying eyes of hackers:
Signal, a smartphone app, is the medium of choice for privacy-conscious communicators, and is probably the easiest way to call or text securely. Encrypting email using PGP is also an option, but it’s far more cumbersome.
It’s also important to make up complex passwords—and never to reuse a username and password combination for more than one site. Password managers like 1Password, LastPass, and Dashlane can create a different randomized password for every website, and remember them all so that you don’t have to.
Turning on two-factor authentication on every service that supports it—Google, Slack, Dropbox, Amazon, etc.—makes it much harder for hackers to get into your accounts, by requiring you to approve every login with a mobile device. And for those who need to browse the internet securely, a properly configured Tor browser allows users to poke around the web anonymously.
Do you have any additional tips for how to keep your data safe? Please send us a note: email@example.com.
“Here I was on a ship in the Persian Gulf, with very little connection to the outside world, and someone was running wild with my money back stateside.” That reader continues his long story below—but first, here are a few short anecdotes from readers. Stephanie writes:
Have I ever been hacked? Sure, lots of times. I had my identity stolen several times when I lived in California, even before the internet was a thing. One of those thieves opened credit accounts and went bankrupt, which made for a real mess when I tried to get my first credit card. About once a year, I have to close a credit account because of fraud. Usually, I am notified by the issuing card company of suspicious activity.
My father lost his life savings in several accounts when thieves stole his debit card and checks. One of my email accounts has been hacked. My Facebook page has been hacked. So yeah, I’ve had experience with this.
So has this reader:
Who hasn’t been hacked? I’ve had my checking account compromised in a major way six times in eight years and many smaller breaches, but I’ll just tell you about nos. 2 and 3.
Someone bought $6,000 of furniture in Italy (we are in NJ) so that brought us down to $0.00 on the first of the month. Naturally we were at the bank within minutes and everything was fixed to our absolute satisfaction. This was on a Sunday.
Then on Tuesday our account was drained again, with our new debit card numbers. Within two days, how could this happen? Somewhat hysterical, I was allowed to reach the Fraud Investigation Department of our national bank. He told me they had 250 employees who investigated fraud. This was almost a decade ago. Wow, he had no idea yet how the first event happened but was quite sure the second one came from a hidden camera at an ATM machine which at that time was a fairly new method, at least to me.
Here’s the scoop now: I check my account online almost every day. I don’t know if that sets me up for vandalism or not, but I have caught untoward things before they roll out of control—recently a small charge for something on my card but using my husband’s name. This is apparently a practice to see if the account is valid before they do the big hit.
I am resigned that this is going to keep happening despite all efforts by the banks. It is a new world and realize that and watch your bank account daily.
Just a few weeks ago, I got a text alert from my bank asking if I charged 29 cents on my credit card in Georgia. I’m in D.C., and I can’t imagine ever buying something for 29 cents, let alone with a credit card, so the bank promptly cancelled my card and sent me a new one—but the mailing address was muddled and it didn’t arrive for a while, causing a bit of a headache while I was traveling to Minnesota over Thanksgiving. But this reader had it much worse:
I am a midshipman at the United States Naval Academy, and I along with many of my shipmates were a part of the OPM breach. However, my story is about a different, more common hack: getting your credit or debit card information stolen. This happened at around the same time as the OPM breach, so it may or may not be related.
As part of the training at the Naval Academy, midshipmen after their first year are sent a ship in the fleet to shadow an enlisted sailor for a month. I was lucky to be sent to USS Rushmore while she was on deployment in the Persian Gulf. It was a great experience where I was able to see the terrific people that we have in our Navy.
I kept in touch with my family through Facebook messages over the ship’s extremely slow satellite internet connection. One day, about two weeks in, I got a message from my family that my bank, Navy Federal Credit Union, had contacted them about fraudulent charges.
Here I was in the middle of the Persian Gulf, with very little connection to the outside world, and someone was running wild with my money back stateside. I contacted the officer in charge of us midshipmen on the ship, and she was able to allow me to use the ship’s satellite phone to call Navy Federal and sort this out. We went through the recent charges and I identified which were fraudulent. Interestingly enough for the worker on the other end of the call, the fraudulent charges were from convenience stores in Pennsylvania, not from the Amsterdam airport or Bahrain.
Navy Federal has a very good policy for this sort of thing, and I was not liable for the charges at all. As midshipmen, we do not get paid very much. However, my card had to be canceled, so now I had no access to money on the other side of the world. I had no money for liberty in Dubai and no money during my travel back stateside. In our mandatory cybersecurity classes at the Academy, we would call this result an attack on the cybersecurity pillar of Availability.
I was lucky to have good midshipmen friends who helped me out during this crisis, and I eventually payed them back. However, theft of credit card information is extremely common. These days, it is not really a question of if, but when. A young enlisted sailor who is in a more precarious situation than I am could be put in a pretty bad place. That sailor might not regularly contact someone back home, and may return from deployment nine months later to see this problem become way out of hand.
Our servicemembers are particularly vulnerable to this kind of thing, especially when they are on deployment, but it is extremely difficult to prevent this sort of hack. The best defense is probably early alert procedures and a generous policy for resolving fraudulent charges on service member’s accounts after the fact.
Thank you for soliciting these responses, I’ll be interested to see other stories.
If you have your own story, especially one that don’t involve money theft—private emails? private texts? your online dating or porn history? sensitive work info? —please send us a note: firstname.lastname@example.org (we would post it anonymously). Update from another reader:
Several years ago I had my identity stolen and apparently sold to a variety of thieves, who attempted to open about a dozen credit-card accounts with my info. I filed numerous federal and local reports, retained services of an Identity Theft consultant for a year (paid for by my insurance company), spent dozens of hours on the phone, and created voluminous files and records of the entire situation to share with law enforcement, credit bureaus (all three), bank credit card fraud prevention managers, etc..
Our local sheriff’s department detective was very sympathetic but basically told me they accepted reports but didn’t investigate these (frequent) crimes because they didn’t have resources, even though we provided the addresses of phony drop boxes in our state where the thieves were obviously picking up the mailed credit cards had they been successful open obtaining any.
The three credit bureaus are totally unhelpful in helping to resolve these crimes. They apparently see them as a chance to sell you more fraud-detection software and will only place a mandated long-term (seven-year) block on your credit records (rather than the year or less they grudgingly offer) if you can provide copies of local reports to law enforcement plus the Federal Trade Commission ID Theft report. In other words, they are more interested in converting your problem into a revenue source for themselves. Federal legislation around the credit bureaus is as full of loopholes as Swiss cheese, due no doubt to their extensive lobbying efforts to our elected representatives who are supposed to be protecting citizens’ interest.
Then, to add even more grief to the experience, one friendly bank-fraud-prevention manager was kind enough to tell me that, based on his lengthy experience with these activities, once we got the fraudulent requests stopped, we could look forward to having it all start up again in about six months—which is apparently the maximum amount of time most people are able to get the credit bureaus to flag their accounts. And sure enough, after just about six months to the day, we had more fraudulent credit-card requests start hitting again—fewer this time, probably because the crooks figured out pretty quickly we had placed the seven-year-block flags in place, rather than the usual short-term blocks most victims end up with at the bureaus.
This is a big, serious problem that is not getting the attention from our elected officials it deserves. These slime balls can reach out from anywhere in the world to ruin your life, mostly with impunity, and it’s obviously getting much worse, since we’re seeing hackers now being accused of breaking into government systems and influencing our elections. This is totally a federal issue because of the state (and national) border lines crossed in the activity. Our national security and military tech specialists probably already have the capability to catch these criminals, they just need the motivation and direction from our political leaders paying attention to the number of honest taxpayers who are being preyed upon.
My email was hacked years ago. The hacker had been accessing my account for weeks before I found out. The hacker corresponded with a couple of my former male acquaintances and forwarded them nude pictures I had sent to a man I was dating.
Neither of the former acquaintances said a word. In fact, they conversed with the hacker back and forth without my noticing it. The hacker was deleting the emails from the inbox and I rarely checked the sent folder.
One weekend morning, a friend called me to say he was getting strange messages from my email address. He said my account had been compromised that morning. Someone had sent out a mass email from my account with pictures, personal correspondences, and my password with an invitation to everyone to access my account. When I opened my email, I discovered that the person had forwarded the information to not only friends but also family, including my aunt. I was devastated.
Since then, I am leery about using email, and I’m done using it for personal business. Even though I do use two-step verification, I keep my email limited to professional messages and the occasional message to friends or family to give me a call.
I eventually learned the identity of the hacker: A male friend’s girlfriend had her friend hack my email because she mistakenly thought we were more than friends.
Omicron, also known as B.1.1.529, was first detected in Botswana and South Africa earlier this month, and very little is known about it so far. But the variant is moving fast. South Africa, the country that initially flagged Omicron to WHO this week, has experienced a surge of new cases—some reportedly in people who were previously infected or vaccinated—and the virus has already spilled across international borders into places such as Hong Kong, Belgium, Israel, and the United Kingdom. Several nations are now selectively shutting down travel to impede further spread. For instance, on Monday, the United States will start restricting travel from Botswana, South Africa, Zimbabwe, Namibia, Lesotho, Eswatini, Mozambique, and Malawi.
Instead of using his acquittal to promote vigorous discussion, many administrators sent out statements decrying the verdict.
At universities, the recent acquittal of Kyle Rittenhouse should be an opportunity to study a divisive case that sparked complex debates about issues as varied as self-defense laws, guns, race, riots, the rights of defendants, prosecutorial missteps, media bias, and more. If administrators were doing their jobs, faculty and students would freely air a wide variety of viewpoints and have opportunities to better understand one another’s diverse perspectives. Instead, many administrators are preemptively imposing their preferred narratives.
The Rittenhouse saga began in Kenosha, Wisconsin, on August 25, amid rioting that followed the police shooting of a Black man. Rittenhouse, then 17, armed himself with an AR-15-style rifle and walked into the chaos, claiming that he intended to protect the community. He wound up shooting three men, killing two. Last week, a Wisconsin jury found him not guilty of murder, crediting his claim that, at the moment he fired, he feared for his life and acted in self-defense. This, many analysts argued, was a plausible conclusion to draw from Wisconsin law and video footage and testimony presented at trial.
People with scant illusions about Trump are volunteering to help him execute one of his Big Lies.
If Donald Trump had been supported only by people who affirmatively liked him, his attack on American democracy would never have gotten as far as it did.
Instead, at almost every turn, Trump was helped by people who had little liking for him as a human being or politician, but assessed that he could be useful for purposes of their own. The latest example: the suddenly red-hot media campaign to endorse Trump’s fantasy that he was the victim of a “Russia hoax.”
The usual suspects in the pro-Trump media ecosystem will of course endorse and repeat everything Trump says, no matter how outlandish. But it’s not pro-Trumpers who are leading the latest round of Trump-Russia denialism. This newest round of excuse-making is being sounded from more respectable quarters, in many cases by people distinguished as Trump critics. With Trump out of office—at least for the time being—they now feel free to subordinate their past concerns about him to other private quarrels with the FBI or mainstream media institutions. On high-subscription Substacks, on popular podcasts, even from within prestige media institutions, people with scant illusions about Trump the man and president are nonetheless volunteering to help him execute one of his Big Lies.
Diners, Drive-Ins and Dives is a mainstay of basic cable—and a rallying cry for a country that is losing touch with itself.
In 2007, in one of the first episodes of Diners, Drive-Ins and Dives, Guy Fieri visited Patrick’s Roadhouse, a railway-station-turned-restaurant in Santa Monica, California. The diner’s chef, Silvio Moreira, walked Fieri through the preparation of one of Patrick’s most notable dishes, the Rockefeller—a burger topped with mushrooms, sour cream, jack cheese, and … caviar. Fieri, looking playfully trepidatious, lifted the burger with both hands, said a fake prayer, and did what he would proceed to do thousands of times on the show: He took an enormous bite. And then he fell silent. “Wooow,” he commented, finally, shooting Moreira a what-have-you-done-to-me look.
“Different, huh?” Moreira said, grinning. “Yeah,” Fieri replied. The show’s camera discreetly cut away to the next scene.
The preponderance of the evidence suggests that social media is causing real damage to adolescents.
Social media gets blamed for many of America’s ills, including the polarization of our politics and the erosion of truth itself. But proving that harms have occurred to all of society is hard. Far easier to show is the damage to a specific class of people: adolescent girls, whose rates of depression, anxiety, and self-injury surged in the early 2010s, as social-media platforms proliferated and expanded. Much more than for boys, adolescence typically heightens girls’ self-consciousness about their changing body and amplifies insecurities about where they fit in their social network. Social media—particularly Instagram, which displaces other forms of interaction among teens, puts the size of their friend group on public display, and subjects their physical appearance to the hard metrics of likes and comment counts—takes the worst parts of middle school and glossy women’s magazines and intensifies them.
Every year thousands of Americans die on the roads. Individuals take the blame for systemic problems.
More than 20,000 people died on American roadways from January to June, the highest total for the first half of any year since 2006. U.S. road fatalities have risen by more than 10 percent over the past decade, even as they have fallen across most of the developed world. In the European Union, whose population is one-third larger than America’s, traffic deaths dropped by 36 percent between 2010 and 2020, to 18,800. That downward trend is no accident: European regulators have pushed carmakers to build vehicles that are safer for pedestrians and cyclists, and governments regularly adjust road designs after a crash to reduce the likelihood of recurrence.
But in the United States, the responsibility for road safety largely falls on the individual sitting behind the wheel, or riding a bike, or crossing the street. American transportation departments, law-enforcement agencies, and news outlets frequently maintain that most crashes—indeed, 94 percent of them, according to the most widely circulated statistic—are solely due to human error. Blaming the bad decisions of road users implies that nobody else could have prevented them. That enables car companies to deflect attention from their decisions to add heft and height to the SUVs and trucks that make up an ever-larger portion of vehicle sales, and it allows traffic engineers to escape scrutiny for dangerous street designs.
When life feels this precarious, it’s only natural to roll the dice on just about everything.
Gambling has become one of the defining pleasures of our time, the perfect accompaniment to an era of high-risk, rigged economies and a looming sense of collapse. Once there was Las Vegas; now there’s a Las Vegas in every phone.
You can bet on almost anything today. Elections. Literary prizes. If you have a feeling that, say, Lapuan Virkiä is going to beat Porin Pesakarhut in the women’s Superpesis, the top professional pesäpallo league in Finland, you can put your money where your mouth is. During the pandemic, as casinos and racetracks closed, you could wager on the evening’s forecast in real time, or on the upcoming winter snowfall. There was serious action on the highest daily temperatures of major American cities. Then there are the ads. If you watch sports regularly, you probably feel, as I do, that the games have become interruptions in a more or less constant barrage of wagering promotion. Gambling is swallowing sports.
Medical professionals are used to being believed, but as patients, they found that their expertise didn’t matter.
Before she caught COVID-19 at a wedding in March 2020, the physician associate spent her days diagnosing and treating people; after she was infected, she turned to her own colleagues for that same care. “At first,” she told me, “I felt a kinship with them.” But when her tests started coming back negative, her doctors began telling her that her symptoms—daily migraines, unrelenting vertigo, tinnitus, severe crashes after mild activity—were just in her head. (I agreed not to name her so that she could speak openly about people she still works with.)
When she went to the emergency room because half her body had gone numb, the ER doctor offered to book her an appointment with a counselor. Another doctor told her to try removing her IUD, because, she remembers him saying, “hormones do funny things to women.” When she asked her neurologist for more tests, he said that her medical background had already earned her “more testing than I was entitled to,” she told me. Being part of the medical community made her no different from any other patient with long COVID, her eventual diagnosis. Despite being a medical professional, she couldn’t convince her own physicians—people who knew her and worked with her—that something was seriously wrong.
The traumas of the past year have left some people wrestling with an awful question: Am I still a good person?
Throughout the pandemic, people have had to make impossibly tough decisions. Kathleen Turner, a 52-year-old intensive-care nurse in San Francisco, has been haunted by hers. Since COVID-19 patients started overwhelming her hospital last spring, she has had to give patients sedatives knowing they would likely have lasting negative health consequences, and systematically deny relatives a chance to say goodbye to dying loved ones. Last year, Turner was following guidelines when she told a woman that she could not visit her dying mother—on Mother’s Day. “I upheld the rule on the piece of paper,” she told me. “But in terms of what would a good person do? It’s not that.” Collectively, these experiences have fundamentally shaken her sense of morality. “Am I really a good person? There’s that seed of doubt,” she said.
About one in five health-care workers has left their job since the pandemic started. This is their story—and the story of those left behind.
The moment that broke Cassie Alexander came nine months into the pandemic. As an intensive-care-unit nurse of 14 years, Alexander had seen plenty of “Hellraiser stuff,” she told me. But when COVID-19 hit her Bay Area hospital, she witnessed “death on a scale I had never seen before.”
Last December, at the height of the winter surge, she cared for a patient who had caught the coronavirus after being pressured into a Thanksgiving dinner. Their lungs were so ruined that only a hand-pumped ventilation bag could supply enough oxygen. Alexander squeezed the bag every two seconds for 40 minutes straight to give the family time to say goodbye. Her hands cramped and blistered as the family screamed and prayed. When one of them said that a miracle might happen, Alexander found herself thinking, I am the miracle. I’m the only person keeping your loved one alive. (Cassie Alexander is a pseudonym that she has used when writing a book about these experiences. I agreed to use that pseudonym here.)