My email was hacked years ago. The hacker had been accessing my account for weeks before I found out. The hacker corresponded with a couple of my former male acquaintances and forwarded them nude pictures I had sent to a man I was dating.
Neither of the former acquaintances said a word. In fact, they conversed with the hacker back and forth without my noticing it. The hacker was deleting the emails from the inbox and I rarely checked the sent folder.
One weekend morning, a friend called me to say he was getting strange messages from my email address. He said my account had been compromised that morning. Someone had sent out a mass email from my account with pictures, personal correspondences, and my password with an invitation to everyone to access my account. When I opened my email, I discovered that the person had forwarded the information to not only friends but also family, including my aunt. I was devastated.
Since then, I am leery about using email, and I’m done using it for personal business. Even though I do use two-step verification, I keep my email limited to professional messages and the occasional message to friends or family to give me a call.
I eventually learned the identity of the hacker: A male friend’s girlfriend had her friend hack my email because she mistakenly thought we were more than friends.
“Here I was on a ship in the Persian Gulf, with very little connection to the outside world, and someone was running wild with my money back stateside.” That reader continues his long story below—but first, here are a few short anecdotes from readers. Stephanie writes:
Have I ever been hacked? Sure, lots of times. I had my identity stolen several times when I lived in California, even before the internet was a thing. One of those thieves opened credit accounts and went bankrupt, which made for a real mess when I tried to get my first credit card. About once a year, I have to close a credit account because of fraud. Usually, I am notified by the issuing card company of suspicious activity.
My father lost his life savings in several accounts when thieves stole his debit card and checks. One of my email accounts has been hacked. My Facebook page has been hacked. So yeah, I’ve had experience with this.
So has this reader:
Who hasn’t been hacked? I’ve had my checking account compromised in a major way six times in eight years and many smaller breaches, but I’ll just tell you about nos. 2 and 3.
Someone bought $6,000 of furniture in Italy (we are in NJ) so that brought us down to $0.00 on the first of the month. Naturally we were at the bank within minutes and everything was fixed to our absolute satisfaction. This was on a Sunday.
Then on Tuesday our account was drained again, with our new debit card numbers. Within two days, how could this happen? Somewhat hysterical, I was allowed to reach the Fraud Investigation Department of our national bank. He told me they had 250 employees who investigated fraud. This was almost a decade ago. Wow, he had no idea yet how the first event happened but was quite sure the second one came from a hidden camera at an ATM machine which at that time was a fairly new method, at least to me.
Here’s the scoop now: I check my account online almost every day. I don’t know if that sets me up for vandalism or not, but I have caught untoward things before they roll out of control—recently a small charge for something on my card but using my husband’s name. This is apparently a practice to see if the account is valid before they do the big hit.
I am resigned that this is going to keep happening despite all efforts by the banks. It is a new world and realize that and watch your bank account daily.
Just a few weeks ago, I got a text alert from my bank asking if I charged 29 cents on my credit card in Georgia. I’m in D.C., and I can’t imagine ever buying something for 29 cents, let alone with a credit card, so the bank promptly cancelled my card and sent me a new one—but the mailing address was muddled and it didn’t arrive for a while, causing a bit of a headache while I was traveling to Minnesota over Thanksgiving. But this reader had it much worse:
I am a midshipman at the United States Naval Academy, and I along with many of my shipmates were a part of the OPM breach. However, my story is about a different, more common hack: getting your credit or debit card information stolen. This happened at around the same time as the OPM breach, so it may or may not be related.
As part of the training at the Naval Academy, midshipmen after their first year are sent a ship in the fleet to shadow an enlisted sailor for a month. I was lucky to be sent to USS Rushmore while she was on deployment in the Persian Gulf. It was a great experience where I was able to see the terrific people that we have in our Navy.
I kept in touch with my family through Facebook messages over the ship’s extremely slow satellite internet connection. One day, about two weeks in, I got a message from my family that my bank, Navy Federal Credit Union, had contacted them about fraudulent charges.
Here I was in the middle of the Persian Gulf, with very little connection to the outside world, and someone was running wild with my money back stateside. I contacted the officer in charge of us midshipmen on the ship, and she was able to allow me to use the ship’s satellite phone to call Navy Federal and sort this out. We went through the recent charges and I identified which were fraudulent. Interestingly enough for the worker on the other end of the call, the fraudulent charges were from convenience stores in Pennsylvania, not from the Amsterdam airport or Bahrain.
Navy Federal has a very good policy for this sort of thing, and I was not liable for the charges at all. As midshipmen, we do not get paid very much. However, my card had to be canceled, so now I had no access to money on the other side of the world. I had no money for liberty in Dubai and no money during my travel back stateside. In our mandatory cybersecurity classes at the Academy, we would call this result an attack on the cybersecurity pillar of Availability.
I was lucky to have good midshipmen friends who helped me out during this crisis, and I eventually payed them back. However, theft of credit card information is extremely common. These days, it is not really a question of if, but when. A young enlisted sailor who is in a more precarious situation than I am could be put in a pretty bad place. That sailor might not regularly contact someone back home, and may return from deployment nine months later to see this problem become way out of hand.
Our servicemembers are particularly vulnerable to this kind of thing, especially when they are on deployment, but it is extremely difficult to prevent this sort of hack. The best defense is probably early alert procedures and a generous policy for resolving fraudulent charges on service member’s accounts after the fact.
Thank you for soliciting these responses, I’ll be interested to see other stories.
If you have your own story, especially one that don’t involve money theft—private emails? private texts? your online dating or porn history? sensitive work info? —please send us a note: email@example.com (we would post it anonymously). Update from another reader:
Several years ago I had my identity stolen and apparently sold to a variety of thieves, who attempted to open about a dozen credit-card accounts with my info. I filed numerous federal and local reports, retained services of an Identity Theft consultant for a year (paid for by my insurance company), spent dozens of hours on the phone, and created voluminous files and records of the entire situation to share with law enforcement, credit bureaus (all three), bank credit card fraud prevention managers, etc..
Our local sheriff’s department detective was very sympathetic but basically told me they accepted reports but didn’t investigate these (frequent) crimes because they didn’t have resources, even though we provided the addresses of phony drop boxes in our state where the thieves were obviously picking up the mailed credit cards had they been successful open obtaining any.
The three credit bureaus are totally unhelpful in helping to resolve these crimes. They apparently see them as a chance to sell you more fraud-detection software and will only place a mandated long-term (seven-year) block on your credit records (rather than the year or less they grudgingly offer) if you can provide copies of local reports to law enforcement plus the Federal Trade Commission ID Theft report. In other words, they are more interested in converting your problem into a revenue source for themselves. Federal legislation around the credit bureaus is as full of loopholes as Swiss cheese, due no doubt to their extensive lobbying efforts to our elected representatives who are supposed to be protecting citizens’ interest.
Then, to add even more grief to the experience, one friendly bank-fraud-prevention manager was kind enough to tell me that, based on his lengthy experience with these activities, once we got the fraudulent requests stopped, we could look forward to having it all start up again in about six months—which is apparently the maximum amount of time most people are able to get the credit bureaus to flag their accounts. And sure enough, after just about six months to the day, we had more fraudulent credit-card requests start hitting again—fewer this time, probably because the crooks figured out pretty quickly we had placed the seven-year-block flags in place, rather than the usual short-term blocks most victims end up with at the bureaus.
This is a big, serious problem that is not getting the attention from our elected officials it deserves. These slime balls can reach out from anywhere in the world to ruin your life, mostly with impunity, and it’s obviously getting much worse, since we’re seeing hackers now being accused of breaking into government systems and influencing our elections. This is totally a federal issue because of the state (and national) border lines crossed in the activity. Our national security and military tech specialists probably already have the capability to catch these criminals, they just need the motivation and direction from our political leaders paying attention to the number of honest taxpayers who are being preyed upon.
Suffering a data breach is like discovering that someone rummaged through your bag when you weren’t looking. It’s a jarring invasion of privacy, whether the information stolen is as impersonal as a Social Security number or as intimate as years of emails, texts, and pics. For years, The Atlantic has been covering cyberattacks that target individuals, companies, and even the U.S. government—and the ways those intrusions affect personal, financial, and national security. We’ve compiled some of our best coverage in a new landing page, “The Atlantic Revisited: Navigating the End of Privacy,” and below are brief descriptions of those 18 pieces from our archives.
Everything Is Hackable ...
The U.S. presidential election captured the interest of leaders the world over—even inspiring some to try and influence the outcome. The U.S. Intelligence Community accused Russia of trying to manipulate the outcome of the election, but experts are divided on whether the digital interference is just a 21st-century version of politics as usual, or if it represents an unprecedented level of meddling in U.S. domestic affairs. (“What the DNC Hack Could Mean for Democracy,” Uri Friedman, August 2016)
For millions of people in the U.S., the internet went down for hours one Friday in October. The culprit: A botnet made up of poorly secured DVRs and webcams. Someone had commandeered hundreds of thousands of the internet-connected devices, turning them into pawns in a coordinated attack against a critical piece of the internet’s infrastructure. (“How a Bunch of Hacked DVR Machines Took Down Twitter and Reddit,” Robinson Meyer, October 2016)
When the Office of Personnel Management was hacked last year, more than 22 million people had their sensitive personal information—including Social Security numbers, addresses, and, in some cases, even fingerprints—stolen. When the victims got letters in the mail saying their information was taken, they had to reckon with the new risk of identity theft, and take action to protect themselves. (“Your Data Is Compromised. (Yes, Yours.) What Now?,” Kaveh Waddell, July 2015)
An online tool offered by the Internal Revenue Service allows taxpayers to easily check their tax history, but for a while, it didn’t do a good job of verifying users’ identities. Hackers used personal information gleaned from other data breaches to trick the tool into divulging people’s tax documents, which helped them file around $50 million in fraudulent tax returns. The breach was initially estimated to affect about 115,000 people, but after further investigations, the government realized that the victims numbered nearly 725,000. (“The IRS Hack Was Twice as Bad as We Thought,” Kaveh Waddell, February 2016)
Executives and employees at Sony Pictures woke up one day in 2014 to find their dirty laundry posted online—and indexed for easy searching—after a group calling itself the “Guardians of Peace” stole a trove of emails, salary information, and other sensitive data from the entertainment company. The FBI pointed fingers at North Korea, but security experts questioned whether it was possible to know exactly who was behind the cyberattack. (“We Still Don’t Know Who Hacked Sony,” Bruce Schneier, January 2015)
When Ashley Madison, a website that helps adults find extramarital affairs, was hacked, it was more than just mortifying for the millions of outed users. It was an introduction to “organizational doxing,” the practice of stealing enormous amounts of data from a company or government agency and publishing it online, heedless of the collateral damage it will cause. (“The Meanest Email You Ever Wrote, Searchable on the Internet,” Bruce Schneier, September 2015)
A hospital in Los Angeles switched to paper records and started turning patients away after its computer systems were infected with a virus that locked up vital data—and demanded a $3.6 million ransom to return it. (“A Hospital Paralyzed by Hackers,” Kaveh Waddell, February 2016)
Nude photos of female celebrities ricocheted across the internet after they were stolen from the celebs’ iCloud accounts and released online. But despite years of attempts to pass legislation that would slap special penalties on people distributing explicit images of people without their consent—a practice also known as “revenge porn”—only a few states actually have such laws on the books. (“Why Congress Won’t Help Jennifer Lawrence,” Lucia Graves, September 2014)
When Deb Fallows found her Gmail account acting funny one day, it wasn’t just a temporary bug: A hacker had gotten into her account and sent fake distress calls to all her closest email contacts, asking for money. In the following days, Deb and her husband, Jim, went on a hunt to regain control of the account, recover years of lost emails, and figure out just what had happened. (“Hacked!,” James Fallows, November 2011)
How long would it take a fake smart toaster, sitting alone in the massive sea of internet-connected devices, to get hacked? Andrew McGill dressed up a rented server to act like a web-connected toaster to see if any hackers would bite—and watched as the next 12 hours brought more than 300 attempts to take over the fake toaster. (“The Inevitability of Being Hacked,” Andrew McGill, October 2016)
Use a wireless keyboard at work or at home? Security researchers have found that many low-end models don’t use industry-standard security practices, instead transmitting between keyboard and computer with weak encryption—or no encryption at all. With the right tools, a hacker can spy on every email, password, and credit-card number being typed on a vulnerable keyboard nearby. (“Hackers Can Spy on Wireless Keyboards From Hundreds of Feet Away,” Kaveh Waddell, July 2016)
Have you ever been hacked? Were you, for example, one of the 22 million people caught up in the OPM breach? Have you had your email account compromised like Deb’s? Have your photos or other sensitive files been stolen? We would like to hear from you. Please send us a note about the experience to firstname.lastname@example.org and we will aim to post it here in Notes (anonymously, if you prefer).
… So, How Do We Defend Ourselves From the Hacker Onslaught? Here are several pieces that approach that question:
A team of 600 Homeland Security Department employees (and 400 contractors) works with private companies to secure infrastructure and public utilities around the country, from major-league ballparks to water plants to banks. They prepare for attacks that might be delivered by a suicide bomber driving a truck—or quietly over the internet. (“Meet the People Who Protect America’s Critical Infrastructure, Steven Brill, August 2016)
China’s cyber army is one of the top two or three online threats to the U.S., experts say. But the best way to contain the danger may be to work with, rather than isolate, China’s leaders. (“Cyber Warriors,” James Fallows, March 2010)
The two groups most dedicated to keeping the internet safe are sequestered on opposite coasts: the government’s suited and military-uniformed policy wonks in Washington, and hoodie-clad hackers up and down the West Coast. Getting them to work together is crucial, but it isn’t always easy. (“Suits and Hoodies: The Two Cybersecurity Cultures,” Justin Lynch, February 2015)
One afternoon in late October, teams of college-age hackers assembled in a room in Washington, D.C., and assailed a model water-treatment plant with cyberattacks, quickly bringing it to a screeching halt. Recruiters from Uber, Northrop Grumman, and the federal government flitted from table to table, eager to snap up young talent to help secure their own systems against attacks. (“Inside a Hacking Competition to Take Down a Water-Treatment Plant,” Kaveh Waddell, October 2016)
Skilled “white-hat” hackers—security researchers who use their computer skills to protect organizations from online threats—are always in short supply. But to keep them from being lured into illegal hacking, companies may have to be willing to pay out bigger salaries and “bounties.” (“When Ethical Hacking Can’t Compete,” Donna Lu, December 2015)
Apple’s standoff with the FBI over a locked smartphone that belonged to one of the San Bernardino shooters showed off the quality of the iPhone’s security safeguards. Most phones on the market wouldn’t have stood up to the federal government’s attempts to hack them. (“Encryption Is a Luxury,” Kaveh Waddell, March 2016)
Trump does little to hide his disdain for journalists—or his desire to sue them when he disagrees with what they write. It’s more important than ever for reporters and activists to protect their data and communication from prying eyes, but these tips—which touch on encrypted messaging, managing passwords, and browsing the internet anonymously—are just as relevant for our average reader. (“How Can Journalists Protect Themselves During a Trump Administration?,” Kaveh Waddell, November 2016)
In that last piece, I sketched out some ways you can protect yourself and your data from the prying eyes of hackers:
Signal, a smartphone app, is the medium of choice for privacy-conscious communicators, and is probably the easiest way to call or text securely. Encrypting email using PGP is also an option, but it’s far more cumbersome.
It’s also important to make up complex passwords—and never to reuse a username and password combination for more than one site. Password managers like 1Password, LastPass, and Dashlane can create a different randomized password for every website, and remember them all so that you don’t have to.
Turning on two-factor authentication on every service that supports it—Google, Slack, Dropbox, Amazon, etc.—makes it much harder for hackers to get into your accounts, by requiring you to approve every login with a mobile device. And for those who need to browse the internet securely, a properly configured Tor browser allows users to poke around the web anonymously.
Do you have any additional tips for how to keep your data safe? Please send us a note: email@example.com.
I’m no computer expert, but I’ve read that a risk of using an unencrypted router for your home WiFi exposes you to someone parking outside your house (or in the next apartment) and poaching your WiFi to access and download material for their own purposes, such as child-porn, which could be traceable to passing through your system.
Indeed, there’s this cautionary tale: “Innocent Man Accused Of Child Pornography After Neighbor Pirates His WiFi.” There’s this quick guide from PC Mag to help protect you from the same fate. Another reader adds, “There was this case in England in 2003”:
Last October, local police knocked on his door, searched his home and seized his computer. They found no sign of pornography in his home but discovered 172 images of child pornography on the computer’s hard drive. They arrested Mr. Green.
This month, Mr. Green was acquitted in Exeter Crown Court after arguing that the material had been gathered without his knowledge by a rogue program created by hackers—a so-called Trojan horse—that had infected his PC, probably during innocent Internet surfing. Mr. Green, 45, is one of the first people to use this defense successfully.
As for the question of “receiving” illegal images, I am reminded of the 1967 action of the Yippies, mailing joints to 3,000 randomly chosen strangers, with a letter pointing out that receiving drugs was a federal crime, and they might as well smoke it.
Earlier this week on The Atlantic, security expert Bruce Schneier took stock of our collective anxieties in the wake of the Ashley Madison hack. Is our online activity ever really private? A reader takes that worry a step further:
In a non-material realm where all data can be fabricated and easily transferred, what’s to prevent hackers from framing people?
The example I keep returning to is Internet child porn. In the case of criminal offenses like that, the presumption of innocence tends to get hindered from the outset by the severity of the charge. The mere accusation is enough to put someone under a cloud of suspicion, or to impeach their credibility. And it seems to me that anyone who can hack a computer network can also compromise someone's home computer to plant files on it.
I have to say, I don’t know enough about either computers, the “cloud,” or the workings of child porn investigations to know whether it’s actually possible to frame someone for information found on their computer that’s put there without them suspecting it. I know even less about how much of a challenge that might present, or how to protect oneself against that vulnerability.
I only know that planting child porn, or terrorism-related information, or participation in some Darknet market illegal business, or adding someone’s personal info to a website like Ashley Madison without their knowledge, seems like an obvious gambit for a dirty trick.
In my observation, people who dismiss this possibility as mere paranoia are people who have never found themselves in the middle of a political controversy, or a nasty divorce, or cutthroat competition in business, or other sorts of professional or personal rivalries. Some people are up for soliciting murder, after all. It stands to reason that a somewhat larger number of people would be willing to ruin someone or eliminate them by planting evidence on their computer—or by hiring someone to do that—in a New York minute. After all, someone was willing to do this.
I’d be interested in learning anything more about that risk that I could find out from other readers.
The fact that many child porn cases are for “receiving” illegal material indicates that arranging for certain kinds of stuff to be emailed to a person might be enough to make trouble for that person. And since we all get tons of spam email offering us adulterous relationships, chemical aphrodisiacs, or genital enlargement, it seems like about 100 percent of people online could be smeared easily if someone was so inclined.
I have no idea how high the bar is set for legal action, but the stories you see in the news often sound like they contain much more outrage than innocence. However, legal action isn’t needed if your goal is to hound, humiliate, and harass some poor person over crap they “received” over the internet.
The president thrives on having an opponent to villainize. With impeachment, there are too many to choose from.
It is a strategy that President Donald Trump has deployed throughout his life, as instinctive and natural to him as the act of breathing: Villainize whoever is blocking his way.
Distasteful as Trump’s taunts might be, ridiculing adversaries has been the blunt-force instrument that propelled his political rise, with the president turning people into targets of scorn. As the impeachment fight enters its public phase, though, Trump faces a quandary. His go-to move may be inadequate in this moment for the very same reason the impeachment threat is so grave. There may be too many accusers who believe he shook down Ukraine, too many people who find fault with his behavior for the president to smack with a rhetorical mallet.
A tectonic demographic shift is under way. Can the country hold together?
Democracy depends on the consent of the losers. For most of the 20th century, parties and candidates in the United States have competed in elections with the understanding that electoral defeats are neither permanent nor intolerable. The losers could accept the result, adjust their ideas and coalitions, and move on to fight in the next election. Ideas and policies would be contested, sometimes viciously, but however heated the rhetoric got, defeat was not generally equated with political annihilation. The stakes could feel high, but rarely existential. In recent years, however, beginning before the election of Donald Trump and accelerating since, that has changed.
The GOP will not be a great or good party until those who lead it straighten their backbone.
The first day of public hearings into the impeachment inquiry of President Donald Trump included an explosive revelation. William B. Taylor Jr., the senior American diplomat in Ukraine, tied Trump even more directly than we previously knew to the effort to pressure Ukraine to probe his political opponent.
But as damaging as Taylor’s testimony proved, it was merely another massive boulder in the avalanche of evidence against the president. We are well beyond the point that any disinterested person can deny that the president abused his power and acted in a corrupt manner, in ways the American founders explicitly warned against.
That the president acted the way he did should surprise exactly no one, given his disordered personality and Nietzschean ethic, his pathological lying and brutishness and bullying, and his history of personal and professional depravity. The president is a deeply damaged human being—and therefore a deeply dangerous president.
A record-setting acqua alta has left much of Venice submerged, following stormy conditions blowing in from the Adriatic Sea.
Yesterday, strong winds and rainstorms pushed water levels in Venice, Italy, to the second-highest levels ever recorded. The high-water mark hit 74 inches (187 centimeters), just short of the record set in 1966. This exceptional acqua alta has flooded businesses and historic structures, sank boats, and been blamed for one death so far.
The network that helped put Donald Trump into power is now showing how insistently it will work to keep him there.
When Bill Taylor, the United States’ acting ambassador to Ukraine, began his testimony to the House Intelligence Committee yesterday morning, MSNBC did what news networks will often do to educate viewers about the events unfolding on-screen: It offered a graphic providing contextual information. “Top U.S. diplomat in Ukraine since June,” one bullet point noted, explaining Taylor’s most direct relevance to President Donald Trump’s impeachment hearings. “Testified he had ‘clear understanding’ aid tied to probes,” another bullet went, referencing the military support the United States withheld from, and then gave to, Ukraine. “Texted it would be ‘crazy’ to withhold Ukraine military aid,” went another.
We asked thousands of people to tell us how equal income distribution would have to be for them to enter society at a random place. The vast majority -- rich, poor, GOP and Democrat -- imagined a far more equal nation.
We asked thousands of people to describe their ideal distribution of wealth, from top to bottom. The vast majority -- rich, poor, GOP and Democrat -- imagined a far more equal nation. Here's why it matters.
The inequality of wealth and income in the U.S. has become an increasingly prevalent issue in recent years. One reason for this is that the visibility of this inequality has been increasing gradually for a long time--as society has become less segregated, people can now see more clearly how much other people make and consume. Owing to urban life and the media, our proximity to one another has decreased, making the disparity all too obvious. In addition to this general trend, the financial crisis, with all of its fall out, shined a spotlight on the salaries of bankers and financial workers relative to that of most Americans. And on top of these, and most recently, the upcoming presidential election has raised questions of social justice and income disparities, bringing the issues into focus even more.
Democrats have valid reasons for resisting GOP attempts to muddy the impeachment hearings—but extra transparency might be worth more.
Elections have consequences, and one consequence of the 2018 election is that Democrats control the House and are on course to impeach President Donald Trump. Another consequence is that Republicans don’t have control over what witnesses get called in the impeachment inquiry.
They do, however, have the right to make requests, and in a letter last week they made a series of suggestions to House Intelligence Committee Chairman Adam Schiff—including calling Hunter Biden, the son of former Vice President Joe Biden; Devon Archer, a business associate of his; Alexandra Chalupa, a former Democratic National Committee staffer; and the anonymous whistle-blower who filed a complaint about Trump’s July 25 call with Ukrainian President Volodymyr Zelensky.
During a few wild weeks in October, U.S. allies watched as their own worst nightmare befell America’s Kurdish partners in Syria. Here’s what that means for America’s standing in the world.
There was a time when the withdrawal of roughly 50 American Special Forces from a couple of outposts in a remote part of Syria wouldn’t have generated a wave of angst across the world about the United States unceremoniously dumping its allies and terminating the international system it has led for more than 70 years.
That time is decidedly not now.
When I recently asked a European official about the fate of the Syrian Kurds, who, after that U.S. retreat in October, came under Turkish assault, the official referenced President Donald Trump’s contention that the fighting had “nothing to do with” the United States. In just over a week, the violence left hundreds of Kurdish fighters and civilians dead; more than 100,000 people displaced; the near defeat of the Islamic State in jeopardy; and Turkey, Russia, and the Iranian-backed Syrian government carving up territory vacated by the Kurds and the Americans.
HONG KONG—For months now, I’ve been told that Hong Kong’s protests would end soon. They’ll end when school starts, I heard during the summer. School did start, but the protests wore on, only now I saw high-school students in crisp school uniforms joining the protesters’ ranks. Next, the mask ban of early October was supposed to slow protesters down, but the very first day after that ban, I watched streams of protesters in masks and helmets make their way to their usual haunts on Hong Kong Island.
The government shut down many of the subway lines that day, a practice that has become a de facto curfew, because Hong Kong’s über-efficient subway system is the way most people get around. No matter; the protesters ended up walking, sometimes a lot, and I walked with them, asking some of the same questions I had asked for months: Do you think you will continue protesting? What would it take for you to stop?
Suppose that the biblical story of Creation were true: God created the universe in six days, including all the laws of physics and all the physical constants that apply throughout the universe. Now imagine that one day, in the early 21st century, God became bored and, just for fun, doubled the gravitational constant. What would it be like to live through such a change? We’d all be pulled toward the floor; many buildings would collapse; birds would fall from the sky; the Earth would move closer to the sun, reestablishing orbit in a far hotter zone.
Let’s rerun this thought experiment in the social and political world, rather than the physical one. The U.S. Constitution was an exercise in intelligent design. The Founding Fathers knew that most previous democracies had been unstable and short-lived. But they were excellent psychologists, and they strove to create institutions and procedures that would work with human nature to resist the forces that had torn apart so many other attempts at self-governance.