Wednesday, March 30, 2005
In his devotion to peace, Tagore denounced nationalism and violence. He sought to instill in human beings a sense of their unity; he was severely critical of the Indian caste system. His most important philosophical work is Sadhana: The Realization of Life (1913), which echoes the fundamental ideas inherent in sacred Hindu writings. His dramas are filled with lyricism and philosophy, while his poems deal with amorous, mystical, and fabulous themes. In India his appeal was nearly universal. A man of striking appearance, Tagore came to be regarded with the reverence due an ancient teacher. He wrote in Bengali but translated much of his work into English. It attracted attention in the West, and he was awarded the 1913 Nobel Prize in Literature, especially for his collection of poetry, Gitanjali (1912). His Janaganamana (Thou Art the Ruler of All Minds) was adopted as the Indian national anthem.
Tagore's best-known novels and poetry include The Gardener (1913), The Crescent Moon (1913), Songs of Kabir (1915), Cycle of Spring (1917), Fireflies (1928), and Sheaves (1932). Among his plays are The Post Office (1914), Chitra (1917), and Red Oleanders (1924). Philosophical works include Personality (1917), Nationalism (1917), The Home and the World (1919), The Religion of Man (1931), and Man (1932). In 1915 Tagore was knighted. His travels and lectures took him around the world. He was impressed with the capacity of the West for accomplishing its practical goals, but he deprecated what he considered its spiritual emptiness and waste. In 1922, Santiniketan (abode of peace), the school he had founded at Bolpur in 1901, was expanded into the internationally attended Visva-Bharati Univ. The curriculum stressed social reform, international unity, and rural reconstruction.
This all suddenly changed in 1912. He then returned to England for the first time since his failed attempt at law school as a teenager. Now a man of 51, his was accompanied by his son. On the way over to England he began translating, for the first time, his latest selections of poems, Gitanjali, into English. Almost all of his work prior to that time had been written in his native tongue of Bengali. He decided to do this just to have something to do, with no expectation at all that his first time translation efforts would be any good. He made the handwritten translations in a little notebook he carried around with him and worked on during the long sea voyage from India. Upon arrival, his son left his father's brief case with this notebook in the London subway. Fortunately, an honest person turned in the briefcase and it was recovered the next day. Tagore's one friend in England, a famous artist he had met in India, Rothenstein, learned of the translation, and asked to see it. Reluctantly, with much persuasion, Tagore let him have the notebook. The painter could not believe his eyes. The poems were incredible. He called his friend, W.B. Yeats, and finally talked Yeats into looking at the hand scrawled notebook.
The rest, as they say, is history. Yeats was enthralled. He later wrote the introduction to Gitanjali when it was published in September 1912 in a limited edition by the India Society in London. Thereafter, both the poetry and the man were an instant sensation, first in London literary circles, and soon thereafter in the entire world. His spiritual presence was awesome. His words evoked great beauty. Nobody had ever read anything like it. A glimpse of the mysticism and sentimental beauty of Indian culture were revealed to the West for the first time. Less than a year later, in 1913, Rabindranath received the Nobel Prize for literature. He was the first non-westerner to be so honored. Overnight he was famous and began world lecture tours promoting inter-cultural harmony and understanding. In 1915 he was knighted by the British King George V. When not traveling he remained at his family home outside of Calcutta, where he remained very active as a literary, spiritual and social-political force.
In 1919, following the Amritsar massacre of 400 Indian demonstrators by British troops, Sir Tagore renounced his Knighthood. Although a good friend of Gandi, most of the time Tagore stayed out of politics. He was opposed to nationalism and miltiarism as a matter of principle, and instead promoted spiritual values and the creation of a new world culture founded in multi-culturalism, diversity and tolerance. He served as a spiritual and creative beacon to his countrymen, and indeed, the whole world. He used the funds from his writing and lecturing to expand upon the school he had founded in 1901 now known as Visva Bharati . The alternative to the poor system of education imposed by the British, combined the best of traditional Hindu education with Western ideals. Tagore's multi-cultural educational efforts were an inspiration to many, including his friend, Count Hermann Keyserling of Estonia. Count Keyserling founded his own school in 1920 patterned upon Tagore's school, and the ancient universities which existed in Northern India under Buddhist rule over 2,000 years ago under the name School of Wisdom. Rabindranath Tagore led the opening program of the School of Wisdom in 1920, and participated in several of its programs thereafter.
Rabindranath Tagore's creative output tells you a lot about this renaissance man. The variety, quality and quantity are unbelievable. As a writer, Tagore primarily worked in Bengali, but after his success with Gitanjali, he translated many of his other works into English. He wrote over one thousand poems; eight volumes of short stories; almost two dozen plays and play-lets; eight novels; and many books and essays on philosophy, religion, education and social topics. Aside from words and drama, his other great love was music, Bengali style. He composed more than two thousand songs, both the music and lyrics. Two of them became the national anthems of India and Bangladesh. In 1929 he even began painting. Many of his paintings can be found in museums today, especially in India, where he is considered the greatest literary figure of India of all times.
Tagore was not only a creative genius, he was a great man and friend to many. For instance, he was also a good friend from childhood to the great Indian Physicist, Bose. He was educated and quite knowledgeable of Western culture, especially Western poetry and Science. This made him a remarkable person, one of the first of our planet to combine East and West, and ancient and modern knowledge. Tagore had a good grasp of modern - post-Newtonian - physics, and was well able to hold his own in a debate with Einstein in 1930 on the newly emerging principles of quantum mechanics and chaos. His meetings and tape recorded conversations with his contemporaries such Albert Einstein and H.G. Wells, stand as cultural landmarks, and show the brilliance of this great man. Although Tagore is a superb representative of his country - India - the man who wrote its national anthem - his life and works go far beyond his country. He is truly a man of the whole Earth, a product of the best of both traditional Indian, and modern Western cultures.
My planned field of study varied a good deal in my younger years, and between the ages of three and seventeen, I seriously flirted, in turn, with Sanskrit, mathematics, and physics, before settling for the eccentric charms of economics. But the idea that I should be a teacher and a researcher of some sort did not vary over the years. I am used to thinking of the word "academic" as meaning "sound," rather than the more old-fashioned dictionary meaning: "unpractical," "theoretical," or "conjectural."
During three childhood years (between the ages of 3 and 6) I was in Mandalay in Burma, where my father was a visiting professor. But much of my childhood was, in fact, spent in Dhaka, and I began my formal education there, at St. Gregory's School. However, I soon moved to Santiniketan, and it was mainly in Tagore's school that my educational attitudes were formed. This was a co-educational school, with many progressive features. The emphasis was on fostering curiosity rather than competitive excellence, and any kind of interest in examination performance and grades was severely discouraged. ("She is quite a serious thinker," I remember one of my teachers telling me about a fellow student, "even though her grades are very good.") Since I was, I have to confess, a reasonably good student, I had to do my best to efface that stigma.
The curriculum of the school did not neglect India's cultural, analytical and scientific heritage, but was very involved also with the rest of the world. Indeed, it was astonishingly open to influences from all over the world, including the West, but also other non-Western cultures, such as East and South-East Asia (including China, Japan, Indonesia, Korea), West Asia, and Africa. I remember being quite struck by Rabindranath Tagore's approach to cultural diversity in the world (well reflected in our curriculum), which he had expressed in a letter to a friend: "Whatever we understand and enjoy in human products instantly becomes ours, wherever they might have their origin... Let me feel with unalloyed gladness that all the great glories of man are mine."
Identity and violence
I loved that breadth, and also the fact that in interpreting Indian civilization itself, its cultural diversity was much emphasized. By pointing to the extensive heterogeneity in India's cultural background and richly diverse history, Tagore argued that the "idea of India" itself militated against a culturally separatist view, "against the intense consciousness of the separateness of one's own people from others." Tagore and his school constantly resisted the narrowly communal identities of Hindus or Muslims or others, and he was, I suppose, fortunate that he died - in 1941 - just before the communal killings fomented by sectarian politics engulfed India through much of the 1940s. Some of my own disturbing memories as I was entering my teenage years in India in the mid-1940s relate to the massive identity shift that followed divisive politics. People's identities as Indians, as Asians, or as members of the human race, seemed to give way - quite suddenly - to sectarian identification with Hindu, Muslim, or Sikh communities. The broadly Indian of January was rapidly and unquestioningly transformed into the narrowly Hindu or finely Muslim of March. The carnage that followed had much to do with unreasoned herd behaviour by which people, as it were, "discovered" their new divisive and belligerent identities, and failed to take note of the diversity that makes Indian culture so powerfully mixed. The same people were suddenly different.
I had to observe, as a young child, some of that mindless violence. One afternoon in Dhaka, a man came through the gate screaming pitifully and bleeding profusely. The wounded person, who had been knifed on the back, was a Muslim daily labourer, called Kader Mia. He had come for some work in a neighbouring house - for a tiny reward - and had been knifed on the street by some communal thugs in our largely Hindu area. As he was being taken to the hospital by my father, he went on saying that his wife had told him not to go into a hostile area during the communal riots. But he had to go out in search of work and earning because his family had nothing to eat. The penalty of that economic unfreedom turned out to be death, which occurred later on in the hospital. The experience was devastating for me, and suddenly made me aware of the dangers of narrowly defined identities, and also of the divisiveness that can lie buried in communitarian politics. It also alerted me to the remarkable fact that economic unfreedom, in the form of extreme poverty, can make a person a helpless prey in the violation of other kinds of freedom: Kader Mia need not have come to a hostile area in search of income in those troubled times if his family could have managed without it.
Calcutta and its debates
By the time I arrived in Calcutta to study at Presidency College, I had a fairly formed attitude on cultural identity (including an understanding of its inescapable plurality as well as the need for unobstructed absorption rather than sectarian denial). I still had to confront the competing loyalties of rival political attitudes: for example, possible conflicts between substantive equity, on the one hand, and universal tolerance, on the other, which simultaneously appealed to me. On this more presently.
The educational excellence of Presidency College was captivating. My interest in economics was amply rewarded by quite outstanding teaching. I was particularly influenced by the teaching of Bhabatosh Datta and Tapas Majumdar, but there were other great teachers as well, such as Dhiresh Bhattacharya. I also had the great fortune of having wonderful classmates, particularly the remarkable Sukhamoy Chakravarty (more on him presently), but also many others, including Mrinal Datta Chaudhuri (who was also at Santiniketan, earlier) and Jati Sengupta. I was close also to several students of history, such as Barun De, Partha Gupta and Benoy Chaudhuri. (Presidency College had a great school of history as well, led by a most inspiring teacher in the form of Sushobhan Sarkar.) My intellectual horizon was radically broadened.
The student community of Presidency College was also politically most active. Though I could not develop enough enthusiasm to join any political party, the quality of sympathy and egalitarian commitment of the "left" appealed to me greatly (as it did to most of my fellow students as well, in that oddly elitist college). The kind of rudimentary thinking that had got me involved, while at Santiniketan, in running evening schools (for illiterate rural children in the neighbouring villages) seemed now to be badly in need of systematic political broadening and social enlargement.
I was at Presidency College during 1951 to 1953. The memory of the Bengal famine of 1943, in which between two and three million people had died, and which I had watched from Santiniketan, was still quite fresh in my mind. I had been struck by its thoroughly class-dependent character. (I knew of no one in my school or among my friends and relations whose family had experienced the slightest problem during the entire famine; it was not a famine that afflicted even the lower middle classes - only people much further down the economic ladder, such as landless rural labourers.) Calcutta itself, despite its immensely rich intellectual and cultural life, provided many constant reminders of the proximity of unbearable economic misery, and not even an elite college could ignore its continuous and close presence.
And yet, despite the high moral and ethical quality of social commiseration, political dedication and a deep commitment to equity, there was something rather disturbing about standard leftwing politics of that time: in particular, its scepticism of process-oriented political thinking, including democratic procedures that permit pluralism. The major institutions of democracy got no more credit than what could be portioned out to what was seen as "bourgeois democracy," on the deficiencies of which the critics were most vocal. The power of money in many democratic practices was rightly identified, but the alternatives - including the terrible abuses of non-oppositional politics - did not receive serious critical scrutiny. There was also a tendency to see political tolerance as a kind of "weakness of will" that may deflect well-meaning leaders from promoting "the social good," without let or hindrance.
Given my political conviction on the constructive role of opposition and my commitment to general tolerance and pluralism, there was a bit of a dilemma to be faced in coordinating those beliefs with the form of left-wing activism that characterized the mainstream of student politics in the-then Calcutta. What was at stake, it seemed to me, in political toleration was not just the liberal political arguments that had so clearly emerged in post-Enlightenment Europe and America, but also the traditional values of tolerance of plurality which had been championed over the centuries in many different cultures - not least in India. Indeed, as Ashoka had put it in the third century B.C.: "For he who does reverence to his own sect while disparaging the sects of others wholly from attachment to his own, with intent to enhance the splendour of his own sect, in reality by such conduct inflicts the severest injury on his own sect." To see political tolerance merely as a "Western liberal" inclination seemed to me to be a serious mistake.
Even though these issues were quite disturbing, they also forced me to face some foundational disputes then and there, which I might have otherwise neglected. Indeed, we were constantly debating these competing political demands. As a matter of fact, as I look back at the fields of academic work in which I have felt most involved throughout my life (and which were specifically cited by the Royal Swedish Academy of Sciences in making their award), they were already among the concerns that were agitating me most in my undergraduate days in Calcutta. These encompassed welfare economics, economic inequality and poverty, on the one hand (including the most extreme manifestation of poverty in the form of famines), and the scope and possibility of rational, tolerant and democratic social choice, on the other (including voting procedures and the protection of liberty and minority rights). My involvement with the fields of research identified in the Nobel statement had, in fact, developed much before I managed to do any formal work in these areas.
It was not long after Kenneth Arrow's path-breaking study of social choice, Social Choice and Individual Values, was published in New York in 1951, that my brilliant co-student Sukhamoy Chakravarty drew my attention to the book and to Arrow's stunning "impossibility theorem" (this must have been in the early months of 1952). Sukhamoy too was broadly attracted by the left, but also worried about political authoritarianism, and we discussed the implications of Arrow's demonstration that no non-dictatorial social choice mechanism may yield consistent social decisions. Did it really give any excuse for authoritarianism (of the left, or of the right)? I particularly remember one long afternoon in the College Street Coffee House, with Sukhamoy explaining his own reading of the ramifications of the formal results, sitting next to a window, with his deeply intelligent face glowing in the mild winter sun of Calcutta (a haunting memory that would invade me again and again when he died suddenly of a heart attack a few years ago).
Cambridge as a battleground
In 1953, I moved from Calcutta to Cambridge, to study at Trinity College. Though I had already obtained a B.A. from Calcutta University (with economics major and mathematics minor), Cambridge enroled me for another B.A. (in pure economics) to be quickly done in two years (this was fair enough since I was still in my late teens when I arrived at Cambridge). The style of economics at the-then Cambridge was much less mathematical than in Calcutta. Also, it was generally less concerned with some of the foundational issues that had agitated me earlier. I had, however, some wonderful fellow students (including Samuel Brittan, Mahbub ul Haq, Rehman Sobhan, Michael Nicholson, Lal Jayawardena, Luigi Pasinetti, Pierangelo Garegnani, Charles Feinstein, among others) who were quite involved with foundational assessment of the ends and means of economics as a discipline.
However, the major debates in political economy in Cambridge were rather firmly geared to the pros and cons of Keynesian economics and the diverse contributions of Keynes's followers at Cambridge (Richard Kahn, Nicholas Kaldor, Joan Robinson, among them), on the one hand, and of "neo-classical" economists sceptical of Keynes, on the other (including, in different ways, Dennis Robertson, Harry Johnson, Peter Bauer, Michael Farrell, among others). I was lucky to have close relations with economists on both sides of the divide. The debates centred on macroeconomics dealing with economic aggregates for the economy as a whole, but later moved to capital theory, with the neo-Keynesians dead set against any use of "aggregate capital" in economic modelling (some of my fellow students, including Pasinetti and Garegnani, made substantial contributions to this debate).
Even though there were a number of fine teachers who did not get very involved in these intense fights between different schools of thought (such as Richard Stone, Brian Reddaway, Robin Matthews, Kenneth Berrill, Aubrey Silberston, Robin Marris), the political lines were, in general, very firmly - and rather bizarrely - drawn. In an obvious sense, the Keynesians were to the "left" of the neo-classicists, but this was very much in the spirit of "this far but no further". Also, there was no way in which the different economists could be nicely ordered in just one dimension. Maurice Dobb, who was an astute Marxist economist, was often thought by Keynesians and neo-Keynesians to be "quite soft" on "neo-classical" economics. He was one of the few who, to my delight, took welfare economics seriously (and indeed taught a regular course on it), just as the intensely "neo-classical" A.C. Pigou had done (while continuing to debate Keynes in macroeconomics). Not surprisingly, when the Marxist Dobb defeated Kaldor in an election to the Faculty Board, Kaldor declared it to be a victory of the perfidious neo-classical economics in disguise ("marginal utility theory has won," Kaldor told Sraffa that evening, in commenting on the electoral success of a Marxist economist!)
However, Kaldor was, in fact, much the most tolerant of the neo-Keynesians at Cambridge. If Richard Kahn was in general the most bellicose, the stern reproach that I received often for not being quite true to the new orthodoxy of neo-Keynesianism came mostly from my thesis supervisor - the totally brilliant but vigorously intolerant Joan Robinson.
In this desert of constant feuding, my own college, Trinity, was a bit of an oasis. I suppose I was lucky to be there, but it was not entirely luck, since I had chosen to apply to Trinity after noticing, in the handbook of Cambridge University, that three remarkable economists of very different political views coexisted there. The Marxist Maurice Dobb and the conservative neo-classicist Dennis Robertson did joint seminars, and Trinity also had Piero Sraffa, a model of scepticism of nearly all the standard schools of thought. I had the good fortune of working with all of them and learning greatly from each.
The peaceful - indeed warm - co-existence of Dobb, Robertson and Sraffa was quite remarkable, given the feuding in the rest of the University. Sraffa told me, later on, a nice anecdote about Dobb's joining of Trinity, on the invitation of Robertson. When asked by Robertson whether he would like to teach at Trinity, Dobb said yes enthusiastically, but he suffered later from a deep sense of guilt in not having given Robertson "the full facts. " So he wrote a letter to Robertson apologizing for not having mentioned earlier that he was a member of the Communist Party, supplemented by the statement - I think a rather "English" statement - that he would understand perfectly if in view of that Robertson were to decide that he, Dobb, was not a fit person to teach Trinity undergraduates. Robertson wrote a one-sentence reply: "Dear Dobb, so long as you give us a fortnight's notice before blowing up the Chapel, it will be all right."
So there did exist, to some extent, a nice "practice" of democratic and tolerant social choice at Trinity, my own college. But I fear I could not get anyone in Trinity, or in Cambridge, very excited in the "theory" of social choice. I had to choose quite a different subject for my research thesis, after completing my B.A. The thesis was on "the choice of techniques," which interested Joan Robinson as well as Maurice Dobb.
Philosophy and economics
At the end of the first year of research, I was bumptious enough to think that I had some results that would make a thesis, and so I applied to go to India on a two-years leave from Cambridge, since I could not - given the regulation then in force - submit my Ph.D. thesis for a degree until I had been registered for research for three years. I was excitedly impatient in wanting to find out what was going on back at home, and when leave was granted to me, I flew off immediately to Calcutta. Cambridge University insisted on my having a "supervisor" in India, and I had the good fortune of having the great economic methodologist, A.K. Dasgupta, who was then teaching in Benares. With him I had frequent - and always enlightening - conversations on everything under the sun (occasionally on my thesis as well).
In Calcutta, I was also appointed to a chair in economics at the newly created Jadavpur University, where I was asked to set up a new department of economics. Since I was not yet even 23, this caused a predictable - and entirely understandable - storm of protest. But I enjoyed the opportunity and the challenge (even though several graffitis on the University walls displayed the "new professor" as having been just snatched from the cradle). Jadavpur was quite an exciting place intellectually (my colleagues included Paramesh Ray, Mrinal Datta Chaudhuri, Anita Banerji, Ajit Dasgupta, and others in the economics department). The University also had, among other luminaries, the immensely innovative historian, Ranajit Guha, who later initiated the "subaltern studies" - a highly influential school of colonial and post-colonial history. I particularly enjoyed getting back to some of the foundational issues that I had to neglect somewhat at Cambridge.
While my thesis was quietly "maturing" with the mere passage of time (to be worthy of the 3-year rule), I took the liberty of submitting it for a competitive Prize Fellowship at Trinity College. Since, luckily, I also got elected, I then had to choose between continuing in Calcutta and going back to Cambridge. I split the time, and returned to Cambridge somewhat earlier than I had planned. The Prize Fellowship gave me four years of freedom to do anything I liked (no questions asked), and I took the radical decision of studying philosophy in that period. I had always been interested in logic and in epistemology, but soon got involved in moral and political philosophy as well (they related closely to my older concerns about democracy and equity).
The broadening of my studies into philosophy was important for me not just because some of my main areas of interest in economics relate quite closely to philosophical disciplines (for example, social choice theory makes intense use of mathematical logic and also draws on moral philosophy, and so does the study of inequality and deprivation), but also because I found philosophical studies very rewarding on their own. Indeed, I went on to write a number of papers in philosophy, particularly in epistemology, ethics and political philosophy. While I am interested both in economics and in philosophy, the union of my interests in the two fields far exceeds their intersection. When, many years later, I had the privilege of working with some major philosophers (such as John Rawls, Isaiah Berlin, Bernard Williams, Ronald Dworkin, Derek Parfit, Thomas Scanlon, Robert Nozick, and others), I felt very grateful to Trinity for having given me the opportunity as well as the courage to get into exacting philosophy.
Delhi School of Economics
During 1960-61, I visited M.I.T., on leave from Trinity College, and found it a great relief to get away from the rather sterile debates that the contending armies were fighting in Cambridge. I benefited greatly from many conversations with Paul Samuelson, Robert Solow, Franco Modigliani, Norbert Wiener, and others that made M.I.T such an inspiring place. A summer visit to Stanford added to my sense of breadth of economics as a subject. In 1963, I decided to leave Cambridge altogether, and went to Delhi, as Professor of Economics at the Delhi School of Economics and at the University of Delhi. I taught in Delhi until 1971. In many ways this was the most intellectually challenging period of my academic life. Under the leadership of K.N. Raj, a remarkable applied economist who was already in Delhi, we made an attempt to build an advanced school of economics there. The Delhi School was already a good centre for economic study (drawing on the work of V.K.R.V. Rao, B.N. Ganguli, P.N. Dhar, Khaleq Naqvi, Dharm Narain, and many others, in addition to Raj), and a number of new economists joined, including Sukhamoy Chakravarty, Jagdish Bhagwati, A.L. Nagar, Manmohan Singh, Mrinal Datta Chaudhuri, Dharma Kumar, Raj Krishna, Ajit Biswas, K.L. Krishna, Suresh Tendulkar, and others. (Delhi School of Economics also had some leading social anthropologists, such as M.N. Srinivas, Andre Beteille, Baviskar, Veena Das, and major historians such as Tapan Ray Chaudhuri, whose work enriched the social sciences in general.) By the time I left Delhi in 1971 to join the London School of Economics, we had jointly succeeded in making the Delhi School the pre-eminent centre of education in economics and the social sciences, in India.
Regarding research, I plunged myself full steam into social choice theory in the dynamic intellectual atmosphere of Delhi University. My interest in the subject was consolidated during a one-year visit to Berkeley in 1964-65, where I not only had the chance to study and teach some social choice theory, but also had the unique opportunity of observing some practical social choice in the form of student activism in the "free speech movement." An initial difficulty in pursuing social choice at the Delhi School was that while I had the freedom to do what I liked, I did not, at first, have anyone who was interested in the subject as a formal discipline. The solution, of course, was to have students take an interest in the subject. This happened with a bang with the arrival of a brilliant student, Prasanta Pattanaik, who did a splendid thesis on voting theory, and later on, also did joint work with me (adding substantially to the reach of what I was trying to do). Gradually, a sizeable and technically excellent group of economists interested in social choice theory emerged at the Delhi School.
Social choice theory related importantly to a more widespread interest in aggregation in economic assessment and policy making (related to poverty, inequality, unemployment, real national income, living standards). There was a great reason for satisfaction in the fact that a number of leading social choice theorists (in addition to Prasanta Pattanaik) emanated from the Delhi School, including Kaushik Basu and Rajat Deb (who also studied with me at the London School of Economics after I moved there), and Bhaskar Dutta and Manimay Sengupta, among others. There were other students who were primarily working in other areas (this applies to Basu as well), but whose work and interests were influenced by the strong current of social choice theory at the Delhi School (Nanak Kakwani is a good example of this).
In my book, Collective Choice and Social Welfare, published in 1970, I made an effort to take on overall view of social choice theory. There were a number of analytical findings to report, but despite the presence of many "trees" (in the form of particular technical results), I could not help looking anxiously for the forest. I had to come back again to the old general question that had moved me so much in my teenage years at Presidency College: Is reasonable social choice at all possible given the differences between one person's preferences (including interests and judgments) and another's (indeed, as Horace noted a long time ago, there may be "as many preferences as there are people")?
The work underlying Collective Choice and Social Welfare was mostly completed in Delhi, but I was much helped in giving it a final shape by a joint course on "social justice" I taught at Harvard with Kenneth Arrow and John Rawls, both of whom were wonderfully helpful in giving me their assessments and suggestions. The joint course was, in fact, quite a success both in getting many important issues discussed, and also in involving a remarkable circle of participants (who were sitting in as "auditors"), drawn from the established economists and philosophers in the Harvard region. (It was also quite well-known outside the campus: I was asked by a neighbour in a plane journey to San Francisco whether, as a teacher at Harvard, I had heard of an "apparently interesting" course taught by "Kenneth Arrow, John Rawls, and some unknown guy.")
There was another course I taught jointly, with Stephen Marglin and Prasanta Pattanaik (who too had come to Harvard), which was concerned with development as well as Policy making. This nicely supplemented my involvements in pure social choice theory (in fact, Marglin and Pattanaik were both very interested in examining the connection between social choice theory and other areas in economics).
From Delhi to London and Oxford
I left Delhi, in 1971, shortly after Collective Choice and Social Welfare was published in 1970. My wife, Nabaneeta Dev, with whom I have two children (Antara and Nandana), had constant trouble with her health in Delhi (mainly from asthma). London might have suited her better, but, as it happens, the marriage broke up shortly after we went to London.
Nabaneeta is a remarkably successful poet, literary critic and writer of novels and short stories (one of the most celebrated authors in contemporary Bengali literature), which she has combined, since our divorce, with being a University Professor at Jadavpur University in Calcutta. I learned many things from her, including the appreciation of poetry from an "internal" perspective. She had worked earlier on the distinctive style and composition of epic poetry, including the Sanskrit epics (particularly the Ramayana), and this I had got very involved in. Nabaneeta's parents were very well-known poets as well, and she seems to have borne her celebrity status - and the great many recognitions that have come her way - with unaffected approachability and warmth. She had visits from an unending stream of literary fans, and I understand, still does. (On one occasion, arrived a poet with a hundred new poems, with the declared intention of reading them aloud to her, to get her critical judgement, but since she was out, he said that he would instead settle for reading them to me. When I pleaded that I lacked literary sophistication, I was assured by the determined poet: "That is just right; I would like to know how the common man may react to my poetry." The common man, I am proud to say, reacted with appropriate dignity and self-control.)
When we moved to London, I was also going through some serious medical problems. In early 1952, at the age of 18 (when I was an undergraduate at Presidency College), I had cancer of the mouth, and it had been dealt with by a severe dose of radiation in a rather primitive Calcutta hospital. This was only seven years after Hiroshima and Nagasaki, and the long-run effects of radiation were not much understood. The dose of radiation I got may have cured the cancer, but it also killed the bones in my hard palate. By 1971, it appeared that I had either a recurrence of the cancer, or a severe case of bone necrosis. The first thing I had to do on returning to England was to have a serious operation, without knowing whether it would be merely plastic surgery to compensate for the necrosis (a long and complicated operation in the mouth, but no real threat to survival), or much more demandingly, a fresh round of efforts at cancer eradication.
After the long operation (it had lasted nearly seven hours) when I woke up from the heavy anaesthesia, it was four o'clock in the morning. As a person with much impatience, I wanted to know what the surgeon had found. The nurse on duty said she was not allowed to tell me anything: "You must wait for the doctors to come at nine." This created some tension (I wanted to know what had emerged), which the nurse noticed. I could see that she was itching to tell me something: indeed (as I would know later) to tell me that no recurrence of cancer had been detected in the frozen-section biopsy that had been performed, and that the long operation was mainly one of reconstruction of the palate to compensate for the necrosis. She ultimately gave in, and chose an interesting form of communication, which I found quite striking (as well as kind). "You know," she said, "they were praising you very much!" It then dawned on me that not having cancer can be a subject for praise. Indeed lulled by praise, I went quietly back to my post-operative sleep. In later years, when I would try to work on judging the goodness of a society by the quality of health of the people, her endorsement of my praiseworthiness for being cancer-free would serve as a good reference point!
The intellectual atmosphere at the LSE in particular and in London in general was most gratifying, with a dazzling array of historians, economists, sociologists and others. It was wonderful to have the opportunity of seeing Eric Hobsbawm (the great historian) and his wife Marlene very frequently and to interact regularly with Frank and Dorothy Hahn, Terence and Dorinda Gorman, and many others. Our small neighbourhood in London (Bartholomew estate, within the Kentish Town) itself offered wonderful company of intellectual and artistic creativity and political involvement. Even after I took an Oxford job (Professor of Economics, 1977-80, Drummond Professor of Political Economy, 1980-87) later on, I could not be budged from living in London.
As I settled down at the London School of Economics in 1971, I resumed my work on social choice theory. Again, I had excellent students at LSE, and later on at Oxford. In addition to Kaushik Basu and Rajat Deb (who had come from Dehli), other students such as Siddiq Osmani, Ben Fine, Ravi Kanbur, Carl Hamilton, John Wriglesworth, David Kelsey, Yasumi Matsumoto, Jonathan Riley, produced distinguished Ph.D. theses on a variety of economic and social choice problems. It made me very proud that many of the results that became standard in social choice theory and welfare economics had first emerged in these Ph.D. theses.
I was also fortunate to have colleagues who were working on serious social choice problems, including Peter Hammond, Charles Blackorby, Kotaro Suzumura, Geoffrey Heal, Gracieda Chichilnisky, Ken Binmore, Wulf Gaertner, Eric Maskin, John Muellbauer, Kevin Roberts, Susan Hurley, at LSE or Oxford, or neighbouring British universities. (I also learned greatly from conversations with economists who were in other fields, but whose works were of great interest to me, including Sudhir Anand, Tony Atkinson, Christopher Bliss, Meghnad Desai, Terence Gorman, Frank Hahn, David Hendry, Richard Layard, James Mirrlees, John Muellbauer, Steve Nickel, among others.) I also had the opportunity of collaboration with social choice theorists elsewhere, such as Claude d'Aspremont and Louis Gevers in Belgium, Koichi Hamada and Ken-ichi Inada in Japan (joined later by Suzumura when he returned there), and many others in America, Canada, Israel, Australia, Russia, and elsewhere). There were many new formal results and informal understandings that emerged in these works, and the gloom of "impossibility results" ceased to be the only prominent theme in the field. The 1970s were probably the golden years of social choice theory across the world. Personally, I had the sense of having a ball.
From social choice to inequality and poverty
The constructive possibilities that the new literature on social choice produced directed us immediately to making use of available statistics for a variety of economic and social appraisals: measuring economic inequality, judging poverty, evaluating projects, analyzing unemployment, investigating the principles and implications of liberty and rights, assessing gender inequality, and so on. My work on inequality was much inspired and stimulated by that of Tony Atkinson. I also worked for a while with Partha Dasgupta and David Starrett on measuring inequality (after having worked with Dasgupta and Stephen Marglin on project evaluation), and later, more extensively, with Sudhir Anand and James Foster.
My own interests gradually shifted from the pure theory of social choice to more "practical" problems. But I could not have taken them on without having some confidence that the practical exercises to be undertaken were also foundationally secure (rather than implicitly harbouring incongruities and impossibilities that could be exposed on deeper analytical probing). The progress of the pure theory of social choice with an expanded informational base was, in this sense, quite crucial for my applied work as well.
In the reorientation of my research, I benefited greatly from discussions with my wife, Eva Colorni, with whom I lived from 1973 onwards. Her critical standards were extremely exacting, but she also wanted to encourage me to work on issues of practical moment. Her personal background involved a fine mixture of theory and practice, with an Italian Jewish father (Eugenio Colorni was an academic philosopher and a hero of the Italian resistance who was killed by the fascists in Rome shortly before the Americans got there), a Berlinite Jewish mother (Ursula Hirschman was herself a writer and the brother of the great development economist, Albert Hirschman), and a stepfather who as a statesman had been a prime mover in uniting Europe (Altiero Spinelli was the founder of the "European Federalist movement," wrote its "Manifesto" from prison in 1941, and officially established the new movement, in the company of Eugenio Colorni, in Milan in 1943). Eva herself had studied law, philosophy and economics (in Pavia and in Delhi), and lectured at the City of London Polytechnic (now London Guildhall University). She was deeply humane (with a great passion for social justice) as well as fiercely rational (taking no theory for granted, subjecting each to reasoned assessment and scrutiny). She exercised a great influence on the standards and reach that I attempted to achieve in my work (often without adequate success).
Eva was very supportive of my attempt to use a broadened framework of social choice theory in a variety of applied problems: to assess poverty; to evaluate inequality; to clarify the nature of relative deprivation; to develop distribution-adjusted national income measures; to clarify the penalty of unemployment; to analyze violations of personal liberties and basic rights; and to characterize gender disparities and women's relative disadvantage. The results were mostly published in journals in the 1970s and early 1980s, but gathered together in two collections of articles (Choice, Welfare and Measurement and Resources, Values and Development, published, respectively, in 1982 and 1984).
The work on gender inequality was initially confined to analyzing available statistics on the male-female differential in India (I had a joint paper with Jocelyn Kynch on "Indian Women: Well-being and Survival" in 1982), but gradually moved to international comparisons (Commodities and Capabilities, 1985) and also to some general theory ("Gender and Cooperative Conflict," 1990). The theory drew both on empirical analysis of published statistics across the world, but also of data I freshly collected in India in the spring of 1983, in collaboration with Sunil Sengupta, comparing boys and girls from birth to age 5. (We weighed and studied every child in two largish villages in West Bengal; I developed some expertise in weighing protesting children, and felt quite proud of my accomplishment when, one day, my research assistant phoned me with a request to take over from her the job of weighing a child "who bites every hand within the reach of her teeth." I developed some vanity in being able to meet the challenge at the "biting end" of social choice research.)
Poverty, famines and deprivation
From the mid-1970s, I also started work on the causation and prevention of famines. This was initially done for the World Employment Programme of the International Labour Organization, for which my 1981 book Poverty and Famines was written. (Louis Emmerij who led the programme took much personal interest in the work I was trying to do on famines.) I attempted to see famines as broad "economic" problems (concentrating on how people can buy food, or otherwise get entitled to it), rather than in terms of the grossly undifferentiated picture of aggregate food supply for the economy as a whole. The work was carried on later (from the middle of 1980s) under the auspices of the World Institute of Development Economics Research (WIDER) in Helsinki, which was imaginatively directed by Lal Jayawardena (an old friend who, as I noted earlier, had also been a contemporary of mine at Cambridge in the 1950s). Siddiq Osmani, my ex-student, ably led the programme on hunger and deprivation at WIDER. I also worked closely with Martha Nussbaum on the cultural side of the programme, during 1987-89.
By the mid-1980s, I was collaborating extensively with Jean Drèze, a young Belgian economist of extraordinary skill and remarkable dedication. My understanding of hunger and deprivation owes a great deal to his insights and investigations, and so does my recent work on development, which has been mostly done jointly with him. Indeed, my collaboration with Jean has been extremely fruitful for me, not only because I have learned so much from his, imaginative initiatives and insistent thoroughness, but also because it is hard to beat an arrangement for joint work whereby Jean does most of the work whereas I get a lot of the credit.
While these were intensely practical matters, I also got more and more involved in trying to understand the nature of individual advantage in terms of the substantive freedoms that different persons respectively enjoy, in the form of the capability to achieve valuable things. If my work in social choice theory was initially motivated by a desire to overcome Arrow's pessimistic picture by going beyond his limited informational base, my work on social justice based on individual freedoms and capabilities was similarly motivated by an aspiration to learn from, but go beyond, John Rawls's elegant theory of justice, through a broader use of available information. My intellectual life has been much influenced by the contributions as well as the wonderful helpfulness of both Arrow and Rawls.
Harvard and beyond
In the late 1980s, I had reason to move again from where I was. My wife, Eva, developed a difficult kind of cancer (of the stomach), and died quite suddenly in 1985. We had young children (Indrani and Kabir - then 10 and 8 respectively), and I wanted to take them away to another country, where they would not miss their mother constantly. The liveliness of America appealed to us as an alternative location, and I took the children with me to "taste" the prospects in the American universities that made me an offer.
Indrani and Kabir rapidly became familiar with several campuses (Stanford, Berkeley, Yale, Princeton, Harvard, UCLA, University of Texas at Austin, among them), even though their knowledge of America outside academia remained rather limited. (They particularly enjoyed visiting their grand uncle and aunt, Albert and Sarah Hirschman, at the Institute for Advanced Study in Princeton; as a Trustee of the Institute, visits to Princeton were also very pleasurable occasions for me.) I guess I was, to some extent, imposing my preference for the academic climate on the children, by confining the choice to universities only, but I did not really know what else to do. However, I must confess that I worried a little when I overheard my son Kabir, then nine years old, responding to a friendly American's question during a plane journey as to whether he knew Washington, D.C.. "Is that city," I heard Kabir say, "closer to Palo Alto or to New Haven?"
We jointly chose Harvard, and it worked out extremely well. My colleagues in economics and philosophy were just superb, some of whom I knew well from earlier on (including John Rawls and Tim Scanlon in philosophy, and Zvi Griliches, Dale Jorgenson, Janos Kornai, Stephen Marglin in economics), but there were also others whom I came to know after arriving at Harvard. I greatly enjoyed teaching regular joint courses with Robert Nozick and Eric Maskin, and also on occasions, with John Rawls and Thomas Scanlon (in philosophy) and with Jerry Green, Stephen Marglin and David Bloom (in economics). I could learn also from academics in many other fields as well, not least at the Society of Fellows where I served as a Senior Fellow for nearly a decade. Also, I was again blessed with wonderful students in economics, philosophy, public health and government, who did excellent theses, including Andreas Papandreou (who moved with me from Oxford to Harvard, and did a major book on externality and the environment), Tony Laden (who, among many other things, clarified the game-theoretic structure of Rawlsian theory of justice), Stephan Klasen (whose work on gender inequality in survival is possibly the most definitive work in this area), Felicia Knaul (who worked on street children and the economic and social challenges they face), Jennifer Ruger (who substantially advance the understanding of health as a public policy concern), and indeed many others with whom I greatly enjoyed working.
The social choice problems that had bothered me earlier on were by now more analyzed and understood, and I did have, I thought, some understanding of the demands of fairness, liberty and equality. To get firmer understanding of all this, it was necessary to pursue further the search for an adequate characterization of individual advantage. This had been the subject of my Tanner Lectures on Human Values at Stanford in 1979 (published as a paper, "Equality of What?" in 1980) and in a more empirical form, in a second set of Tanner Lectures at Cambridge in 1985 (published in 1987 as a volume of essays, edited by Geoffrey Hawthorne, with contributions by Bernard Williams, Ravi Kanbur, John Muellbauer, and Keith Hart). The approach explored sees individual advantage not merely as opulence or utility, but primarily in terms of the lives people manage to live and the freedom they have to choose the kind of life they have reason to value. The basic idea here is to pay attention to the actual "capabilities" that people end up having. The capabilities depend both on our physical and mental characteristics as well as on social opportunities and influences (and can thus serve as the basis not only of assessment of personal advantage but also of efficiency and equity of social policies). I was trying to explore this approach since my Tanner Lectures in 1979; there was a reasonably ambitious attempt at linking theory to empirical exercises in my book Commodities and Capabilities, published in 1985. In my first few years at Harvard, I was much concerned with developing this perspective further.
The idea of capabilities has strong Aristotelian connections, which I came to understand more fully with the help of Martha Nussbaum, a scholar with a remarkably extensive command over classical philosophy as well as contemporary ethics and literary studies. I learned a great deal from her, and we also collaborated in a number of studies during 1987-89, including in a collection of essays that pursued this approach in terms of philosophical as well as economic reasoning (Quality of Life was published in 1993, but the essays were from a conference at WIDER in Helsinki in 1988).
During my Harvard years up to about 1991, I was much involved in analyzing the overall implications of this perspective on welfare economics and political philosophy (this is reported in my book, Inequality Reexamined, published in 1992). But it was also very nice to get involved in some new problems, including the characterization of rationality, the demands of objectivity, and the relation between facts and values. I used the old technique of offering courses on them (sometimes jointly with Robert Nozick) and through that learning as much as I taught. I started taking an interest also in health equity (and in public health in particular, in close collaboration with Sudhir Anand), a challenging field of application for concepts of equity and justice. Harvard's ample strength in an immense variety of subjects gives one scope for much freedom in the choice of work and of colleagues to talk to, and the high quality of the students was a total delight as well. My work on inequality in terms of variables other than incomes was also helped by the collaboration of Angus Deaton and James Foster.
It was during my early years at Harvard that my old friend, Mahbub ul Haq, who had been a fellow student at Cambridge (and along with his wife, Bani, a very old and close friend), returned back into my life in a big way. Mahbub's professional life had taken him from Cambridge to Yale, then back to his native Pakistan, with intermediate years at the World Bank. In 1989 he was put in charge, by the United Nations Development Programme (UNDP), of the newly planned "Human Development Reports." Mahbub insisted that I work with him to help develop a broader informational approach to the assessment of development. This I did with great delight, partly because of the exciting nature of the work, but also because of the opportunity of working closely with such an old and wonderful friend. Human Development Reports seem to have received a good deal of attention in international circles, and Mahbub was very successful in broadening the informational basis of the assessment of development. His sudden death in 1998 has robbed the world of one of the leading practical reasoners in the world of contemporary economics.
India and Bangladesh
What about India? While I have worked abroad since 1971, I have constantly retained close connections with Indian universities, I have, of course, a special relation with Delhi University, where I have been an honorary professor since leaving my full-time job there in 1971, and I use this excuse to subject Delhi students to lectures whenever I get a chance. For various reasons - personal as well as academic - the peripatetic life seems to suit me, in this respect. After my student days in Cambridge in 1953-56, I guess I have never been away from India for more than six months at a time. This - combined with my remaining exclusively an Indian citizen - gives me, I think, some entitlement to speak on Indian public affairs, and this remains a constant involvement.
It is also very engaging - and a delight - to go back to Bangladesh as often as I can, which is not only my old home, but also where some of my closest friends and collaborators live and work. This includes Rehman Sobhan to whom I have been very close from my student days (he remains as sceptical of formal economics and its reach as he was in the early 1950s), and also Anisur Rehman (who is even more sceptical), Kamal Hossain, Jamal Islam, Mushairaf Hussain, among many others, who are all in Bangladesh.
When the Nobel award came my way, it also gave me an opportunity to do something immediate and practical about my old obsessions, including literacy, basic health care and gender equity, aimed specifically at India and Bangladesh. The Pratichi Trust, which I have set up with the help of some of the prize money, is, of course, a small effort compared with the magnitude of these problems. But it is nice to re-experience something of the old excitement of running evening schools, more than fifty years ago, in villages near Santiniketan.
From campus to campus
As far as my principal location is concerned, now that my children have grown up, I could seize the opportunity to move back to my old Cambridge college, Trinity. I accepted the offer of becoming Master of the College from January 1998 (though I have not cut my connections with Harvard altogether). The reasoning was not independent of the fact that Trinity is not only my old college where my academic life really began, but it also happens to be next door to King's, where my wife, Emma Rothschild, is a Fellow, and Director of the Centre for History and Economics. Her forthcoming book on Adam Smith also takes on the hard task of reinterpreting the European Enlightenment. It so happens that one principal character in this study is Condorcet, who was also one of the originators of social choice theory, which is very pleasing (and rather useful as well).
Emma too is a convinced academic (a historian and an economist), and both her parents had long connections with Cambridge and with the University. Between my four children, and the two of us, the universities that the Sen family has encountered include Calcutta University, Cambridge University, Jadavpur University, Delhi University, L.S.E., Oxford University, Harvard University, M.I.T., University of California at Berkeley, Stanford University, Cornell University, Smith College, Wesleyan University, among others. Perhaps one day we can jointly write an illustrated guide to the universities.
I end this essay where I began - at a university campus. It is not quite the same at 65 as it was at 5. But it is not so bad even at an older age (especially, as Maurice Chevalier has observed, "considering the alternative" ). Nor are university campuses quite as far removed from life as is often presumed. Robert Goheen has remarked, "if you feel that you have both feet planted on level ground, then the university has failed you." Right on. But then who wants to be planted on ground? There are places to go.
From Les Prix Nobel. The Nobel Prizes 1998, Editor Tore Frängsmyr, [Nobel Foundation], Stockholm, 1999
This autobiography/biography was written at the time of the award and later published in the book series Les Prix Nobel/Nobel Lectures. The information is sometimes updated with an addendum submitted by the Laureate. To cite this document, always state the source as shown above.
Who is a good leader? What does it take to lead people? What makes a great leader? Are all good leaders, great leaders? Are all good leaders, good? History sometimes answers these questions very definitely, bringing before us men and women of character, courage, integrity. People who inspire thousands, millions to action, to achieve great things, to reach for seemingly impossible ideals.
There are some who have led people with powerful and noble ideals – peace, freedom, co-existence. There are others who have led with powerful but malevolent ideals – suppression, racial supremacy. Yet there are a few things that unite them. They are all driven by passion, a vision, a goal, a dream. And a deep commitment to achieving that dream. A strength to make others not only share the dream but put their hands to the till and achieve the dream.
There are other leaders who inspire people not so much to action or external signs of change but to change within. They are able, by their supreme example, to change people’s beliefs, perceptions, attitudes, behavior and habits. This is leadership of the highest order. And the single different between a shepherd and the Good Shepherd.
Are we leaders? Most of us are, but only a few us walk the rough road to become good and worthy leaders. Whom do we lead? We lead, first of all by example and in most instance, only by example. The child in a school classroom who chooses to be honest, hardworking and diligent. The young executive who pushes herself harder so that others might follow. The husband who inspires his wife and children. The wife who draws the respect and admiration of her husband and children.
This form of leadership may not be the spectacular or revolutionary kind which takes crowds up mountains, trooping like an army against a dictatorship. It may even be forgotten almost as soon as the person is dead. But it is not any less of a vocation. For we are leaders in the truest sense when we give of out time, our effort, our resources to the people we love. We are leaders not just when we stand on high platforms and make thunderous speeches, but also when we remember who we are in the little things. Recognizing good work and praising generously. Chiding those who do not achieve their potential and guiding them on to higher things. Setting high standards in work and play. How is this commitment expressed? By refusing to shy away from pain and suffering, even in the most harsh circumstances. By falling – for we will certainly fall – and rising again. There are some leaders with promise who start out very enthusiastically and with great ambition, but who give up at the first sign of failure. The believe, that in falling, they have failed. When in truth, it is in not rising again, that they have failed. For to believe that failure is impossible is to imagine they are gods. And it is only true leaders, who realize that falling and failing are part of the human condition.
So who is the Good Shepherd? He is one who lays down his life for his sheep. A leader who places his people and their lives, above everything else – even himself. But this does not necessarily mean a martyrdom in the strictest sense of the term – by throwing oneself in the lion’s den, or by choosing a glorious death. Martyrdom also means choosing to live the hard life. Choosing to be happy and content when it seems impossible to smile. Choosing to forgive those who betray your trust and to place new trust in people you have never trusted before. Being the good shepherd means going out into the night, to search for the one sheep who is lost, when all the ninety-nine others are safe home.
For the love of the multitude is expressed most profoundly in the love of the single soul. The Good Shepherd does not merely love “humanity” in the loose, general sense, he loves every single human being, in the deepest sense possible.
-- R F Lambert
Comment posted by Quixotic
at 3/29/2005 10:01:00 PM
"Cult of Personality"--Living Colour
Look into my eyes, what do you see?
Cult of personality
I know your anger, I know your dreams
I’ve been everything you want to be
I’m the cult of personality
Like mussolini and kennedy
I’m the cult of personality
Cult of personality
Cult of personality
Neon lights, a nobel prize
The mirror speaks, the reflection lies
You don’t have to follow me
Only you can set me free
I sell the things you need to be
I’m the smiling face on your t.v.
I’m the cult of personality
I exploit you still you love me
I tell you one and one makes three
I’m the cult of personality
Like joseph stalin and gandi
I’m the cult of personality
Cult of personality
Cult of personality
Neon lights a nobel prize
A leader speaks, that leader dies
You don’t have to follow me
Only you can set you free
You gave me fortune
You gave me fame
You me power in your god’s name
I’m every person you need to be
I’m the cult of personality
Look into my eyes, what do you see?
Cult of personality
I know your anger, I know your dreams
I’ve been everything you want to be
I’m the cult of personality
Like mussolini and kennedy
I’m the cult of personality
Cult of personality
Cult of personality
Neon lights, a nobel prize
The mirror speaks, the reflection lies
You don’t have to follow me
Only you can set me free
I sell the things you need to be
I’m the smiling face on your t.v.
I’m the cult of personality
I exploit you still you love me
I tell you one and one makes three
I’m the cult of personality
Like joseph stalin and gandi
I’m the cult of personality
Cult of personality
Cult of personality
Neon lights a nobel prize
A leader speaks, that leader dies
You don’t have to follow me
Only you can set you free
You gave me fortune
You gave me fame
You me power in your god’s name
I’m every person you need to be
I’m the cult of personality
Tuesday, March 29, 2005
Friday, March 25, 2005
The hymenal ring normally gets disrupted after a woman has had sexual intercourse or even after strenuous physical activity or tampon use. Sometimes, for cultural or other personal reasons (for example, an upcoming marriage), a woman would like to restore a more intact, tighter hymenal ring. Using a special surgical technique, we can repair and tighten the hymen to a more intact, virgin-like state in most patients. Because of a wide variation among hymenal and vaginal states, we customize the surgery to the individual needs and expectations of the patient, as are discussed during the required pre-surgical consultation and thorough gynecological examination. In most cases, the surgery is virtually undetectable after complete healing, and patients are very pleased with our final results.
Please note that this surgery is done solely for the personal benefit of the individual patient. We absolutely do not provide or condone any form of female circumcision or genital mutilation, regardless of one's cultural beliefs.
Thursday, March 24, 2005
Long years ago we made a tryst with destiny, and now the time comes when we shall redeem our pledge, not wholly or in full measure, but very substantially. At the stroke of the midnight hour, when the world sleeps, India will awake to life and freedom.
A moment comes, which comes but rarely in history, when we step out from the old to the new, when an age ends, and when the soul of a nation, long suppressed, finds utterance. It is fitting that at this solemn moment we take the pledge of dedication to the service of India and her people and to the still larger cause of humanity.
At the dawn of history India started on her unending quest, and trackless centuries are filled with her striving and the grandeur of her success and her failures. Through good and ill fortune alike she has never lost sight of that quest or forgotten the ideals which gave her strength.
We end today a period of ill fortune and India discovers herself again. The achievement we celebrate today is but a step, an opening of opportunity, to the greater triumphs and achievements that await us. Are we brave enough and wise enough to grasp this opportunity and accept the challenge of the future?
Freedom and power bring responsibility. The responsibility rests upon this Assembly, a sovereign body representing the sovereign people of India. Before the birth of freedom we have endured all the pains of labour and our hearts are heavy with the memory of this sorrow. Some of those pains continue even now. Nevertheless, the past is over and it is the future that beckons to us now.
That future is not one of ease or resting but of incessant striving so that we may fulfill the pledges we have so often taken and the one we shall take today. The service of India means the service of the millions who suffer. It means the ending of poverty and ignorance and disease and inequality of opportunity. The ambition of the greatest man of our generation has been to wipe every tear from every eye. That may be beyond us, but as long as there are tears and suffering, so long our work will not be over.
And so we have to labour and to work, and work hard, to give reality to our dreams. Those dreams are for India, but they are also for the world, for all the nations and peoples are too closely knit together today for any one of them to imagine that it can live apart. Peace has been said to be indivisible; so is freedom, so is prosperity now, and so also is disaster in this One World that can no longer be split into isolated fragments.
To the people of India, whose representatives we are, we make an appeal to join us with faith and confidence in this great adventure. This is no time for petty and destructive criticism, no time for ill will or blaming others. We have to build the noble mansion of free India where all her children may dwell.
-- Jawahar Lal Nehru
More than 100 men and women attended the service and sermon given by Amina Wadud, professor of Islamic studies at Virginia Commonwealth University.
The location was moved to an Anglican Church building in New York after mosques refused to host the event.
The service has been criticised by a number of Muslim leaders, who say it goes against Islamic doctrine.
"The issue of gender equality is a very important one in Islam, and Muslims have unfortunately used highly restrictive interpretations of history to move backward," Ms Wadud said before the service started.
"With this prayer service we are moving forward. This single act is symbolic of the possibilities within Islam."
Those who attended were said to be evenly divided between men and women. Most women wore the traditional Muslim headscarf and robes.
Some 15 protesters gathered outside the Synod House of the Cathedral of St John the Divine, where the prayers took place. One carried a placard calling for Allah's curse to be upon one of the event's organisers.
"She is tarnishing the whole Islamic faith. If this was an Islamic state, this woman would be hanged," one man, Nussrah, told the Associated Press.
The BBC Middle East correspondent says the controversy has meant Ms Wadud is getting prominent coverage on Arabic television networks.
The service was organised by a group of activists, journalists and scholars who hoped to encourage discussion about the centuries-old tradition of separating men and women during congregational prayer, and reserving the role of prayer leader, or imam, for men.
One organiser, Asra Q Nomani, said they would challenge the "second-class" status of women in Muslim spiritual life.
"We are taking actions that no-one else would have dared to think about before," she told The New York Times. "Nobody cared that we didn't have a place in the faith."
However, the sheik of Cairo's Al-Azhar mosque, one of the world's top Islamic institutions, said Islam did not allow for women to preach to men.
"When she leads men in prayer... it's not proper for them to look at the woman whose body is in front of them," Sayed Tantawi wrote in a column for the Egyptian newspaper Al-Ahram.
In New York, Aisha al-Adawiya, head of Women in Islam, said she feared a "backlash".
The prayer service was moved after it was rejected by three mosques and an art gallery venue received a bomb threat, the AP reported.
The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while staying within legal limits. This philosophy stems from the proven practice of trying to catch a thief, by thinking like a thief. As technology advances and organization depend on technology increasingly, information assets have evolved into critical components of survival.
If hacking involves creativity and thinking 'out-of-the-box', then vulnerability testing and security audits will not ensure the security proofing of an organization. To ensure that organizations have adequately protected their information assets, they must adopt the approach of 'defense in depth'. In other words, they must penetrate their networks and assess the security posture for vulnerabilities and exposure.
The definition of an Ethical Hacker is very similar to a Penetration Tester. The Ethical Hacker is an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an Ethical Hacker and an organization, it is legal. The most important point is that an Ethical Hacker has authorization to probe the target.
Monday, March 21, 2005
by Sarah Granger
last updated December 18, 2001
A True Story
One morning a few years back, a group of strangers walked into a large shipping firm and walked out with access to the firm’s entire corporate network. How did they do it? By obtaining small amounts of access, bit by bit, from a number of different employees in that firm. First, they did research about the company for two days before even attempting to set foot on the premises. For example, they learned key employees’ names by calling HR. Next, they pretended to lose their key to the front door, and a man let them in. Then they "lost" their identity badges when entering the third floor secured area, smiled, and a friendly employee opened the door for them.
The strangers knew the CFO was out of town, so they were able to enter his office and obtain financial data off his unlocked computer. They dug through the corporate trash, finding all kinds of useful documents. They asked a janitor for a garbage pail in which to place their contents and carried all of this data out of the building in their hands. The strangers had studied the CFO's voice, so they were able to phone, pretending to be the CFO, in a rush, desperately in need of his network password. From there, they used regular technical hacking tools to gain super-user access into the system.
In this case, the strangers were network consultants performing a security audit for the CFO without any other employees' knowledge. They were never given any privileged information from the CFO but were able to obtain all the access they wanted through social engineering. (This story was recounted by Kapil Raina, currently a security expert at Verisign and co-author of mCommerce Security: A Beginner's Guide, based on an actual workplace experience with a previous employer.)
Most articles I’ve read on the topic of social engineering begin with some sort of definition like “the art and science of getting people to comply to your wishes” (Bernz 2), “an outside hacker’s use of psychological tricks on legitimate users of a computer system, in order to obtain information he needs to gain access to the system” (Palumbo), or “getting needed information (for example, a password) from a person rather than breaking into a system” (Berg). In reality, social engineering can be any and all of these things, depending upon where you sit. The one thing that everyone seems to agree upon is that social engineering is generally a hacker’s clever manipulation of the natural human tendency to trust. The hacker’s goal is to obtain information that will allow him/her to gain unauthorized access to a valued system and the information that resides on that system.
Security is all about trust. Trust in protection and authenticity. Generally agreed upon as the weakest link in the security chain, the natural human willingness to accept someone at his or her word leaves many of us vulnerable to attack. Many experienced security experts emphasize this fact. No matter how many articles are published about network holes, patches, and firewalls, we can only reduce the threat so much... and then it’s up to Maggie in accounting or her friend, Will, dialing in from a remote site, to keep the corporate network secured.
Target and Attack
The basic goals of social engineering are the same as hacking in general: to gain unauthorized access to systems or information in order to commit fraud, network intrusion, industrial espionage, identity theft, or simply to disrupt the system or network. Typical targets include telephone companies and answering services, big-name corporations and financial institutions, military and government agencies, and hospitals. The Internet boom had its share of industrial engineering attacks in start-ups as well, but attacks generally focus on larger entities.
Finding good, real-life examples of social engineering attacks is difficult. Target organizations either do not want to admit that they have been victimized (after all, to admit a fundamental security breach is not only embarrassing, it may damaging to the organization’s reputation) and/or the attack was not well documented so that nobody is really sure whether there was a social engineering attack or not.
As for why organizations are targeted through social engineering – well, it’s often an easier way to gain illicit access than are many forms of technical hacking. Even for technical people, it’s often much simpler to just pick up the phone and ask someone for his password. And most often, that’s just what a hacker will do.
Social engineering attacks take place on two levels: the physical and the psychological. First, we'll focus on the physical setting for these attacks: the workplace, the phone, your trash, and even on-line. In the workplace, the hacker can simply walk in the door, like in the movies, and pretend to be a maintenance worker or consultant who has access to the organization. Then the intruder struts through the office until he or she finds a few passwords lying around and emerges from the building with ample information to exploit the network from home later that night. Another technique to gain authentication information is to just stand there and watch an oblivious employee type in his password.
Social Engineering by Phone
The most prevalent type of social engineering attack is conducted by phone. A hacker will call up and imitate someone in a position of authority or relevance and gradually pull information out of the user. Help desks are particularly prone to this type of attack. Hackers are able to pretend they are calling from inside the corporation by playing tricks on the PBX or the company operator, so caller-ID is not always the best defense. Here’s a classic PBX trick, care of the Computer Security Institute: “’Hi, I’m your AT&T rep, I’m stuck on a pole. I need you to punch a bunch of buttons for me.’”
And here’s an even better one: “They’ll call you in the middle of the night: ‘Have you been calling Egypt for the last six hours?’ ‘No.’ And they’ll say, ‘well, we have a call that’s actually active right now, it’s on your calling card and it’s to Egypt and as a matter of fact, you’ve got about $2,000 worth of charges from somebody using your card. You’re responsible for the $2,000, you have to pay that...’ They’ll say, ‘I’m putting my job on the line by getting rid of this $2,000 charge for you. But you need to read off that AT&T card number and PIN and then I’ll get rid of the charge for you.’ People fall for it.” (Computer Security Institute).
Help desks are particularly vulnerable because they are in place specifically to help, a fact that may be exploited by people who are trying to gain illicit information. Help desk employees are trained to be friendly and give out information, so this is a gold mine for social engineering. Most help desk employees are minimally educated in the area of security and get paid peanuts, so they tend to just answer questions and go on to the next phone call. This can create a huge security hole.
The facilitator of a live Computer Security Institute demonstration, neatly illustrated the vulnerability of help desks when he “dialed up a phone company, got transferred around, and reached the help desk. ‘Who’s the supervisor on duty tonight?’ ‘Oh, it’s Betty.’ ‘Let me talk to Betty.’ [He’s transferred.] ‘Hi Betty, having a bad day?’ ‘No, why?...Your systems are down.’ She said, ‘my systems aren’t down, we’re running fine.’ He said, ‘you better sign off.’ She signed off. He said, ‘now sign on again.’ She signed on again. He said, ‘we didn’t even show a blip, we show no change.’ He said, ‘sign off again.’ She did. ‘Betty, I’m going to have to sign on as you here to figure out what’s happening with your ID. Let me have your user ID and password.’ So this senior supervisor at the Help Desk tells him her user ID and password.” Brilliant.
A variation on the phone theme is the pay phone or ATM. Hackers really do shoulder surf and obtain credit card numbers and PINs this way. (It happened to a friend of mine in a large US airport.) People always stand around phone booths at airports, so this is a place to be extra cautious.
Dumpster diving, also known as trashing, is another popular method of social engineering. A huge amount of information can be collected through company dumpsters. The LAN Times listed the following items as potential security leaks in our trash: “company phone books, organizational charts, memos, company policy manuals, calendars of meetings, events and vacations, system manuals, printouts of sensitive data or login names and passwords, printouts of source code, disks and tapes, company letterhead and memo forms, and outdated hardware.”
These sources can provide a rich vein of information for the hacker. Phone books can give the hackers names and numbers of people to target and impersonate. Organizational charts contain information about people who are in positions of authority within the organization. Memos provide small tidbits of useful information for creating authenticity. Policy manuals show hackers how secure (or insecure) the company really is. Calendars are great – they may tell attackers which employees are out of town at a particular time. System manuals, sensitive data, and other sources of technical information may give hackers the exact keys they need to unlock the network. Finally, outdated hardware, particularly hard drives, can be restored to provide all sorts of useful information. (We’ll discuss how to dispose of all of this in the second installment in this series; suffice it to say, the shredder is a good place to start.)
On-Line Social Engineering
The Internet is fertile ground for social engineers looking to harvest passwords. The primary weakness is that many users often repeat the use of one simple password on every account: Yahoo, Travelocity, Gap.com, whatever. So once the hacker has one password, he or she can probably get into multiple accounts. One way in which hackers have been known to obtain this kind of password is through an on-line form: they can send out some sort of sweepstakes information and ask the user to put in a name (including e-mail address – that way, she might even get that person’s corporate account password as well) and password. These forms can be sent by e-mail or through US Mail. US Mail provides a better appearance that the sweepstakes might be a legitimate enterprise.
Another way hackers may obtain information on-line is by pretending to be the network administrator, sending e-mail through the network and asking for a user’s password. This type of social engineering attack doesn’t generally work, because users are generally more aware of hackers when online, but it is something of which to take note. Furthermore, pop-up windows can be installed by hackers to look like part of the network and request that the user reenter his username and password to fix some sort of problem. At this point in time, most users should know not to send passwords in clear text (if at all), but it never hurts to have an occasional reminder of this simple security measure from the System Administrator. Even better, sys admins might want to warn their users against disclosing their passwords in any fashion other than a face-to-face conversation with a staff member who is known to be authorized and trusted.
E-mail can also be used for more direct means of gaining access to a system. For instance, mail attachments sent from someone of authenticity can carry viruses, worms and Trojan horses. A good example of this was an AOL hack, documented by VIGILANTe: “In that case, the hacker called AOL’s tech support and spoke with the support person for an hour. During the conversation, the hacker mentioned that his car was for sale cheaply. The tech supporter was interested, so the hacker sent an e-mail attachment ‘with a picture of the car’. Instead of a car photo, the mail executed a backdoor exploit that opened a connection out from AOL through the firewall.”
The hackers themselves teach social engineering from a psychological point-of-view, emphasizing how to create the perfect psychological environment for the attack. Basic methods of persuasion include: impersonation, ingratiation, conformity, diffusion of responsibility, and plain old friendliness. Regardless of the method used, the main objective is to convince the person disclosing the information that the social engineer is in fact a person that they can trust with that sensitive information. The other important key is to never ask for too much information at a time, but to ask for a little from each person in order to maintain the appearance of a comfortable relationship.
Impersonation generally means creating some sort of character and playing out the role. The simpler the role, the better. Sometimes this could mean just calling up, saying: “Hi, I’m Joe in MIS and I need your password,” but that doesn’t always work. Other times, the hacker will study a real individual in an organization and wait until that person is out of town to impersonate him over the phone. According to Bernz, a hacker who has written extensively on the subject, they use little boxes to disguise their voices and study speech patterns and org charts. I’d say it’s the least likely type of impersonation attack because it takes the most preparation, but it does happen.
Some common roles that may be played in impersonation attacks include: a repairman, IT support, a manager, a trusted third party (for example, the President’s executive assistant who is calling to say that the President okayed her requesting certain information), or a fellow employee. In a huge company, this is not that hard to do. There is no way to know everyone - IDs can be faked. Most of these roles fall under the category of someone with authority, which leads us to ingratiation. Most employees want to impress the boss, so they will bend over backwards to provide required information to anyone in power.
Conformity is a group-based behavior, but can be used occasionally in the individual setting by convincing the user that everyone else has been giving the hacker the same information now requested, such as if the hacker is impersonating an IT manager. When hackers attack in such a way as to diffuse the responsibility of the employee giving the password away, that alleviates the stress on the employee.
When in doubt, the best way to obtain information in a social engineering attack is just to be friendly. The idea here is that the average user wants to believe the colleague on the phone and wants to help, so the hacker really only needs to be basically believable. Beyond that, most employees respond in kind, especially to women. Slight flattery or flirtation might even help soften up the target employee to co-operate further, but the smart hacker knows when to stop pulling out information, just before the employee suspects anything odd. A smile, if in person, or a simple “thank you” clenches the deal. And if that’s not enough, the new user routine often works too: “I’m confused, (batting eyelashes) can you help me?”
Reverse Social Engineering
A final, more advanced method of gaining illicit information is known as “reverse social engineering”. This is when the hacker creates a persona that appears to be in a position of authority so that employees will ask him for information, rather than the other way around. If researched, planned and executed well, reverse social engineering attacks may offer the hacker an even better chance of obtaining valuable data from the employees; however, this requires a great deal of preparation, research, and pre-hacking to pull off.
According to Methods of Hacking: Social Engineering, a paper by Rick Nelson, the three parts of reverse social engineering attacks are sabotage, advertising, and assisting. The hacker sabotages a network, causing a problem arise. That hacker then advertises that he is the appropriate contact to fix the problem, and then, when he comes to fix the network problem, he requests certain bits of information from the employees and gets what he really came for. They never know it was a hacker, because their network problem goes away and everyone is happy.
Of course, no social engineering article is complete without mention of Kevin Mitnick, so I’ll conclude with a quote from him from an article in Security Focus: “You could spend a fortune purchasing technology and services...and your network infrastructure could still remain vulnerable to old-fashioned manipulation.” Stay tuned for Part II: Combat Strategies, which will look at ways of combatting attacks by identifying attacks, and by using preventative technology, training, and policies.
To read Social Engineering, Part Two: Combat Strategies, click here.
Ameritech Consumer Information “Social Engineering Fraud,”
Anonymous “Social engineering: examples and countermeasures from the real-world,” Computer Security Institute
Arthurs, Wendy: “A Proactive Defence to Social Engineering,” SANS Institute, August 2, 2001.
Berg, Al: “Al Berg Cracking a Social Engineer,” by, LAN Times Nov. 6, 1995.
Bernz 1: “Bernz’s Social Engineering Intro Page”
Bernz 2: “The complete Social Engineering FAQ!”
Harl “People Hacking: The Psychology of Social Engineering” Text of Harl’s Talk at Access All Areas III, March 7, 1997.
Mitnick, Kevin: “My first RSA Conference,” SecurityFocus, April 30, 2001
Orr, Chris “Social Engineering: A Backdoor to the Vault,”, SANS Institute, September 5, 2000
Palumbo, John “Social Engineering: What is it, why is so little said about it and what can be done?”, SANS Institute, July 26, 2000
Stevens, George: “Enhancing Defenses Against Social Engineering” SANS Institute, March 26, 2001
Tims, Rick “Social Engineering: Policies and Education a Must” SANS Institute, February 16, 2001
Verizon “PBX Social Engineering Scam” 2000
VIGILANTe “Social Engineering” 2001
Definitions and Value of Honeypots
Last Modified: 29 May, 2003
Honeypots are an exciting new technology with enormous potential for the security community. The concepts were first introduced by several icons in computer security, specifically Cliff Stoll in the book The Cuckoo's Egg", and Bill Cheswick's paper " An Evening with Berferd." Since then, honeypots have continued to evolve, developing into the powerful security tools they are today. The purpose of this paper is to explain exactly what honeypots are, their advantages and disadvatages, and their value to the security.
The first step to understanding honeypots is defining what a honeypot is. This can be harder then it sounds. Unlike firewalls or Intrusion Detection Systems, honeypots do not solve a specific problem. Instead, they are a highly flexible tool that comes in many shapes and sizes. They can do everything from detecting encrypted attacks in IPv6 networks to capturing the latest in on-line credit card fraud. Its is this flexibility that gives honeypots their true power. It is also this flexibility that can make them challenging to define and understand. As such, I use the following definition to define what a honeypot is.
A honeypot is an information system resource whose value lies in unauthorized or illicit use of that resource. This is a general defintion covering all the different manifistations of honeypots. We will be discussing in this paper different examples of honeypots and their value to security. All will fall under the definition we use above, their value lies in the bad guys interacting with them. Conceptually almost all honeypots work they same. They are a resource that has no authorized activity, they do not have any production value. Theoreticlly, a honeypot should see no traffic because it has no legitimate activity. This means any interaction with a honeypot is most likely unauthorized or malicious activity. Any connection attempts to a honeypot are most likely a probe, attack, or compromise. While this concept sounds very simple (and it is), it is this very simplicity that give honeypots their tremendous advantages (and disadvantages). I highlight these below.
Advantages: Honeypots are a tremendously simply concept, which gives them some very powerful strengths.
Small data sets of high value: Honeypots collect small amounts of information. Instead of logging a one GB of data a day, they can log only one MB of data a day. Instead of generating 10,000 alerts a day, they can generate only 10 alerts a day. Remember, honeypots only capture bad activity, any interaction with a honeypot is most likely unauthorized or malicious activity. As such, honeypots reduce 'noise' by collectin only small data sets, but information of high value, as it is only the bad guys. This means its much easier (and cheaper) to analyze the data a honeypot collects and derive value from it.
New tools and tactics: Honeypots are designed to capture anything thrown at them, including tools or tactics never seen before.
Minimal resources: Honeypots require minimal resources, they only capture bad activity. This means an old Pentium computer with 128MB of RAM can easily handle an entire class B network sitting off an OC-12 network.
Encryption or IPv6: Unlike most security technologies (such as IDS systems) honeypots work fine in encrypted or IPv6 environments. It does not matter what the bad guys throw at a honeypot, the honeypot will detect and capture it.
Information: Honeypots can collect in-depth information that few, if any other technologies can match.
Simplicty: Finally, honeypots are conceptually very simple. There are no fancy algorithms to develop, state tables to maintain, or signatures to update. The simpler a technology, the less likely there will be mistakes or misconfigurations.
Disadvantages: Like any technology, honeypots also have their weaknesses. It is because of this they do not replace any current technology, but work with existing technologies.
Limited view: Honeypots can only track and capture activity that directly interacts with them. Honeypots will not capture attacks against other systems, unless the attacker or threat interacts with the honeypots also.
Risk: All security technologies have risk. Firewalls have risk of being penetrated, encryption has the risk of being broken, IDS sensors have the risk of failing to detect attacks. Honeypots are no different, they have risk also. Specifically, honeypots have the risk of being taken over by the bad guy and being used to harm other systems. This risk various for different honeypots. Depending on the type of honeypot, it can have no more risk then an IDS sensor, while some honeypots have a great deal of risk. We identify which honeypots have what levels of risk later in the paper.
It is how you leverage these advantages and disadvantages that defines the value of your honeypot (which we discuss later).
Types of Honeypots
Honeypots come in many shapes and sizes, making them difficult to get a grasp of. To help us better understand honeypots and all the different types, we break them down into two general categories, low-interaction and high-interaction honeypots. These categories helps us understand what type of honeypot you are dealing with, its strengths, and weaknesses. Interaction defines the level of activity a honeypot allows an attacker. Low-interaction honeypots have limited interaction, they normally work by emulating services and operating systems. Attacker activity is limited to the level of emulation by the honeypot. For example, an emulated FTP service listening on port 21 may just emulate a FTP login, or it may support a variety of additional FTP commands. The advantages of a low-interaction honeypot is their simplicity. These honeypots tend to be easier to deploy and maintain, with minimal risk. Usually they involve installing software, selecting the operating systems and services you want to emulate and monitor, and letting the honeypot go from there. This plug and play approach makes deploying them very easy for most organizations. Also, the emulated services mitigate risk by containing the attacker's activity, the attacker never has access to an operating system to attack or harm others. The main disadvantages with low interaction honeypots is that they log only limited information and are designed to capture known activity. The emulated services can only do so much. Also, its easier for an attacker to detect a low-interaction honeypot, no matter how good the emulation is, skilled attacker can eventually detect their presence. Examples of low-interaction honeypots include Specter, Honeyd, and KFSensor.
High-interaction honeypots are different, they are usually complex solutions as they involve real operating systems and applications. Nothing is emulated, we give attackers the real thing. If you want a Linux honeypot running an FTP server, you build a real Linux system running a real FTP server. The advantages with such a solution are two fold. First, you can capture extensive amounts of information. By giving attackers real systems to interact with, you can learn the full extent of their behavior, everything from new rootkits to international IRC sessions. The second advantage is high-interaction honeypots make no assumptions on how an attacker will behave. Instead, they provide an open environment that captures all activity. This allows high-interaction solutions to learn behavior we would not expect. An excellent example of this is how a Honeynet captured encoded back door commands on a non-standard IP protocol (specifically IP protocol 11, Network Voice Protocol). However, this also increases the risk of the honeypot as attackers can use these real operating system to attack non-honeypot systems. As result, additional technologies have to be implement that prevent the attacker from harming other non-honeypot systems. In general, high-interaction honeypots can do everything low-interaction honeypots can do and much more. However, they can be more complext to deploy and maintain. Examples of high-interaction honeypots include Symantec Decoy Server and Honeynets. You can find a complete listing of both low and high interaction honeypots at Honeypot Solutions page. To better understand both low and high interaction honeypots lets look at two examples. We will start with the low-interaction honeypot Honeyd.
Honeyd: Low-interaction honeypot
Honeyd is a low-interaction honeypot. Developed by Niels Provos, Honeyd is OpenSource and designed to run primarily on Unix systems (though it has been ported to Windows). Honeyd works on the concept of monitoring unused IP space. Anytime it sees a connection attempt to an unused IP, it intercepts the connection and then interacts with the attacker, pretending to be the victim. By default, Honeyd detects and logs any connection to any UDP or TCP port. In addition, you can configure emulated services to monitor specific ports, such as an emulated FTP server monitoring TCP port 21. When an attacker connects to the emulated service, not only does the honeypot detect and log the activity, but it captures all of the attacker's interaction with the emulated service. In the case of the emulated FTP server, we can potentially capture the attacker's login and password, the commands they issue, and perhaps even learn what they are looking for or their identity. It all depends on the level of emulation by the honeypot. Most emulated services work the same way. They expect a specific type of behavior, and then are programmed to react in a predetermined way. If attack A does this, then react this way. If attack B does this, then respond this way. The limitation is if the attacker does something that the emulation does not expect, then it does not know how to respond. Most low-interaction honeypots, including Honeyd, simply generate an error message. You can see what commands the emulated FTP server for Honeyd supports by review the source code.
Some honeypots, such as Honeyd, can not only emulate services, but emulate actual operating systems. In other words, Honeyd can appear to the attacker to be a Cisco router, WinXP webserver, or Linux DNS server. There are several advantages to emulating different operating systems. First, the honeypot can better blend in with existing networks if the honeypot has the same appearance and behavior of production systems. Second, you can target specific attackers by providing systems and services they often target, or systems and services you want to learn about. There are two elements to emulating operating systems. The first is with the emulated services. When an attacker connects to an emulated service, you can have that service behave like and appear to be a specific OS. For example, if you have a service emulating a webserver, and you want your honeypot to appear to be a Win2000 server, then you would emulate the behavior of a IIS webserver. For Linux, you would emulate the behavior of an Apache webserver. Most honeypots emulate OS' in this manner. Some sophisticated honeypots take this emulation one step farther (as Honeyd does). Not only do they emulate at the service level, but at the IP stack level. If someone uses active fingerprinting measures to determine the OS type of your honeypot most honeypots respond with the IP stack of whatever OS the honeypot is installed on. Honeyd spoof the replies, making not only the emulated services, but emulated IP stacks behave as the operating systems would. The level of emulation and sophistication depends on what honeypot technology you chose to use.
Honeynets: High-interaction honeypot
Honeynets are a prime example of high-interaction honeypot. Honeynets are not a product, they are not a software solution that you install on a computer. Instead, Honeyents are an architecture, an entire network of computers designed to attacked. The idea is to have an architecture that creates a highly controlled network, one where all activity is controlled and captured. Within this network we place our intended victims, real computers running real applications. The bad guys find, attack, and break into these systems on their own initiative. When they do, they do not realize they are within a Honeynet. All of their activity, from encrypted SSH sessions to emails and files uploads, are captured without them knowing it. This is done by inserting kernel modules on the victim systems that capture all of the attacker's actions. At the same time, the Honeynet controls the attacker's activity. Honeynets do this using a Honeywall gateway. This gateway allows inbound traffic to the victim systems, but controls the outbound traffic using intrusion prevention technologies. This gives the attacker the flexibility to interact with the victim systems, but prevents the attacker from harming other non-Honeynet computers. An example of such a deployment can be seen in Figure 1.
Value of Honeypots
Now that we have understanding of two general categories of honepyots, we can focus on their value. Specifically, how we can use honeypots. Once again, we have two general categories, honeypots can be used for production purposes or research. When used for production purposes, honeypots are protecting an organization. This would include preventing, detecting, or helping organizations respond to an attack. When used for research purposes, honeypots are being used to collect information. This information has different value to different organizations. Some may want to be studying trends in attacker activity, while others are interested in early warning and prediction, or law enforcement. In general, low-interaction honeypots are often used for production purposes, while high-interaction honeypots are used for research purposes. However, either type of honeypot can be used for either purpose. When used for production purposes, honeypots can protect organizations in one of three ways; prevention, detection, and response. We will take a more in-depth look at how a honeypot can work in all three.
Honeypots can help prevent attacks in several ways. The first is against automated attacks, such as worms or auto-rooters. These attacks are based on tools that randomly scan entire networks looking for vulnerable systems. If vulnerable systems are found, these automated tools will then attack and take over the system (with worms self-replicating, copying themselves to the victim). One way that honeypots can help defend against such attacks is slowing their scanning down, potentially even stopping them. Called sticky honeypots, these solutions monitor unused IP space. When probed by such scanning activity, these honeypots interact with and slow the attacker down. They do this using a variety of TCP tricks, such as a Windows size of zero, putting the attacker into a holding pattern. This is excellent for slowing down or preventing the spread of a worm that has penetrated your internal organization. One such example of a sticky honeypot is LaBrea Tarpit. Sticky honeypots are most often low-interaction solutions (you can almost call them 'no-interaction solutions', as they slow the attacker down to a crawl :). Honeypots can also be protect your organization from human attackers. The concept is deception or deterrence. The idea is to confuse an attacker, to make him waste his time and resources interacting with honeypots. Meanwhile, your organization has detected the attacker's activity and have the time to respond and stop the attacker. This can be even taken one step farther. If an attacker knows your organization is using honeypots, but does not know which systems are honeypots and which systems are legitimate computers, they may be concerned about being caught by honeypots and decided not to attack your organizations. Thus the honeypot deters the attacker. An example of a honeypot designed to do this is Deception Toolkit, a low-interaction honeypot.
The second way honeypots can help protect an organization is through detection. Detection is critical, its purpose is to identify a failure or breakdown in prevention. Regardless of how secure an organization is, there will always be failures, if for no other reasons then humans are involved in the process. By detecting an attacker, you can quickly react to them, stopping or mitigating the damage they do. Tradtionally, detection has proven extremely difficult to do. Technologies such as IDS sensors and systems logs haven proven ineffective for several reasons. They generate far too much data, large percentage of false positives, inability to detect new attacks, and the inability to work in encrypted or IPv6 environments. Honeypots excel at detection, addressing many of these problems of traditional detection. Honeypots reduce false positives by capturing small data sets of high value, capture unknown attacks such as new exploits or polymorphic shellcode, and work in encrypted and IPv6 environments. You can learn more about this in the paper Honeypots: Simple, Cost Effective Detection. In general, low-interaction honeypots make the best solutions for detection. They are easier to deploy and maintain then high-interaction honeypots and have reduced risk.
The third and final way a honeypot can help protect an organization is in reponse. Once an organization has detected a failure, how do they respond? This can often be one of the greatest challenges an organization faces. There is often little information on who the attacker is, how they got in, or how much damage they have done. In these situations detailed information on the attacker's activity are critical. There are two problems compounding incidence response. First, often the very systems compromised cannot be taken offline to analyze. Production systems, such as an organization's mail server, are so critical that even though its been hacked, security professionals may not be able to take the system down and do a proper forensic analysis. Instead, they are limited to analyze the live system while still providing production services. This cripiles the ability to analyze what happend, how much damage the attacker has done, and even if the attacker has broken into other systems. The other problem is even if the system is pulled offline, there is so much data pollution it can be very difficult to determine what the bad guy did. By data pollution, I mean there has been so much activity (user's logging in, mail accounts read, files written to databases, etc) it can be difficult to determine what is normal day-to-day activity, and what is the attacker. Honeypots can help address both problems. Honeypots make an excellent incident resonse tool, as they can quickly and easily be taken offline for a full forensic analysis, without impacting day-to-day business operations. Also, the only activity a honeypot captures is unauthorized or malicious activity. This makes hacked honeypots much easier to analyze then hacked production systems, as any data you retrieve from a honeypot is most likely related to the attacker. The value honeypots provide here is quickly giving organizations the in-depth information they need to rapidly and effectively respond to an incident. In general, high-interaction honeypots make the best solution for response. To respond to an intruder, you need in-depth knowledge on what they did, how they broke in, and the tools they used. For that type of data you most likely need the capabilities of a high-interaction honeypot.
Up to this point we have been talking about how honeypots can be used to protect an organization. We will now talk about a different use for honeypots, research. Honeypots are extremely powerful, not only can they be used to protect your organization, but they can be used to gain extensive information on threats, information few other technologies are capable of gathering. One of the greatest problems security professionals face is a lack of information or intelligence on cyber threats. How can we defend against an enemy when we don't even know who that enemy is? For centuries military organizations have depended on information to better understand who their enemy is and how to defend against them. Why should information security be any different? Research honeypots address this by collecting information on threats. This information can then be used for a variety of purposes, including trend analysis, identifying new tools or methods, identifying attackers and their communities, early warning and prediction, or motivations. One of the most well known examples of using honeypots for research is the work done by the Honeynet Project, an all volunteer, non-profit security research organization. All of the data they collect is with Honeynet distributed around the world. As threats are constantly changing, this information is proving more and more critical.
If you have never worked with honeypots before and want to learn more, I recommend starting with simple low-interaction honeypots, such as KFSensor or Specter for Window users, or Honeyd for Unix users. There is even a Honeyd Linux Toolkit for easy deployment of Honeyd on Linux computers. Low-interaction honeypots have the advantage of being easier to deploy and little risk, as they contain the activity of the attacker. Once you have had an opportunity to work with low-interaction solutions, you can take the skills and understanding you have developed and work with high-interaction solutions. To help you better understand honeypots, below is a chart summarizing what we just covered.
Solution emulates operating systems and services.
Easy to install and deploy. Usually requires simply installing and configuring software on a computer.
Minimal risk, as the emulated services control what attackers can and cannot do.
Captures limited amounts of information, mainly transactional data and some limited interaction.
No emulation, real operating systems and services are provided.
Can capture far more information, including new tools, communications, or attacker keystrokes.
Can be complex to install or deploy (commercial versions tend to be much simpler).
Increased risk, as attackers are provided real operating systems to interact with
Finally, no paper on honeypots would be complete without a discussion about legal issues. There are many misconcepts about the legal issues of honeypots. Instead of briefly covering the legal issues in this paper, I will be releasing a new paper at the end of May, 2003 dedicated to the legal issues of honeypot technologies.
The purpose of this paper was to define the what honeypots are and their value to the security community. We identified two different types of honeypots, low-interaction and high-interaction honeypots. Interaction defines how much activity a honeypot allows an attacker. The value of these solutions is both for production or research purposes. Honeypots can be used for production purposes by preventing, detecting, or responding to attacks. Honeypots can also be used for research, gathering information on threats so we can better understand and defend against them. If you are interested in learning more about honeypots, you may want to consider the book Honeypots: Tracking Hackers, the first and only book dedicated to honeypot technologies.