Forgot your password?
typodupeerror
IBM Patents Games

IBM's Patent To "Capture Expert Knowledge" With Games 97

Posted by Soulskill
from the also-known-as-theorycrafting dept.
theodp writes "Robert X. Cringely offers his take on IBM's patent-pending way to suck knowledge out of experts and inject it into younger, stronger, cheaper employees, possibly even in other countries. IBM's 'Platform for Capturing Knowledge' relies on immersive 3-D gaming environments to transfer expert knowledge held by employees 'aged 50 and older' to 18-25 year-old trainees, even those who find manuals 'difficult to read and understand.' It jibes nicely with an IBM White Paper (PDF) that advises CIOs to deal with Baby Boomers by 'investing in global resources from geographies with a lower average age for IT workers, such as India or China.' While Cringely isn't surprised that Big Blue's anyone-can-manage-anything, anyone-should-be-able-to-perform-any-job culture would spawn such an 'invention,' he can't help but wonder: When you get rid of the real experts, who is going to figure out the new stuff?"
This discussion has been archived. No new comments can be posted.

IBM's Patent To "Transfer Expert Knowledge" With Games

Comments Filter:
  • by scoove (71173) on Saturday September 19, 2009 @03:14PM (#29477967)

    We have a similar misconception in the information technology risk management world (actually, the greater risk world as well) where executive management mistakenly believes that compliance practices will eliminate risk. Even if we have 100% compliance with regulations (like PCI) and standards (like ISO 27000 series, CoBIT, ITIL, etc.) and could have an imaginary 100% effectiveness in the controls provided by these regulations/standards, we'd only eliminate known risk.

    Consider what regulations and checklists provide to assess risk: a checklist. And where does the checklist come from? Previous situations where we had problems occur. We learned, for instance, that simple 6 character passwords suck and are easily bruteforced, so the checklist asks if passwords are longer than 8 characters, have complexity, etc. But no checklist can ask for what problems we haven't encountered yet. So while we'll have regulators, external assessors, internal auditors and other compliance professionals examine an environment on a periodic basis, it will never substitute for a risk program that uses methods for uncovering risk from the un-checklisted and unknown terrain. Advanced techniques, such as those that use approaches that illuminate the risk domain through the creation and exploration of new vantage points, efforts that shock the perspective comparable to critical theory's radicalization, or those that de/reterritorialize and allow us to apply different thought models to a domain (e.g. looking at network attacks from a rhizomic, not a hierarchical model which reflects how a DDoS attack might manifest) are all non-checklist methods to assess risk.

    Interestingly, these approaches are not able to be appropriated by a hierarchical expert-system approach. Consider how expert systems create decision-trees, subject to all the Deleuzian problems (Galloway's books http://cultureandcommunication.org/galloway/ [cultureand...cation.org]Protocol: How Control Exists After Decentralization, or his work with Gene Thacker, The Exploit: A Theory of Networks, are both exceptionally valuable in understanding non-hierarchy problems in information technology). Plus such expert systems are subject to countless other problems known to information theorists and end up creating predictable paths through the model, to which any information system will adapt, and regress to the mean. Consider this example: if the IBM expert system is employed in the information security realm, it will specify a predictable path to responding to any security incident. Any information system will naturally recognize this predictable response and then use it against the system. This basic technique is already employed by most competent hackers -- measuring, testing, assessing your target to learn of the quality of their response to your efforts.

    In other words, any organization that would rely upon this service from IBM will be a predictable, exploitable target. They might as well publish the blueprints of their network and list user names and passwords. God help the fools that believe that knowledge is static and life is not competitive.

Air is water with holes in it.

Working...