Skip to main content

How to Ask for Technical Help Correctly

I was going to post this over in reddit's /r/cybersecurity_help, but I decided it sounds too much like a lecture. 

-----

We understand that when you have "pressing" concerns, you often can't even formulate a question coherently, but please take a few moments to organize what information you have, and what questions do you have, so we can answer your questions immediately, rather than trying to draw additional details out of you which wastes both your time and ours. 


Rule 0: Please read the posting guide:


https://www.reddit.com//r/cybersecurity_help/wiki/guide 


Rule 0.5: Please read the "10 rules" (check right hand bar at following link). Failure to follow them may result in removal of your question. 


https://sh.reddit.com/r/cybersecurity_help/


I'm going call this the 2 C's of Cybersecurity Questions: Condition, Confirmation. (There are 2 more on the answer side, Cause, and Correction, but we'll talk about those later)


**Condition: WHAT made you came to this subreddit today?** 


This should be short, concise, and goes in the subject/title. 


* Good: "I lost control of my gmail, hotmail, and EpicGames accounts."


Clear on what had happened. Details would be in the body of the post. 


* Meh: "Can this be (insert malware name)"


Please start with description of your problem(s), NOT what you SUSPECT the cause is. 


* Bad: "OMG PLS HLP ME NOW!!!!!!" 


We don't need to know how you feel. We need what brought you here today. 


**Confirmation: what evidence, supplemental facts, observations, and so on, do you have to support/confirm the condition that brought you here today?**


* Good: "I can no longer log into my gmail, hotmail, and EpicGames accounts. I checked my phone and it confirms some sort of account change at each. I tried password recovery for each and I am not getting any message, so it appears ownership email had been changed."


This is nice detailed explanation of the condition. This doesn't have to be screenshots or logs or whatever. "What should I do?" is implied. 


* Meh: "Well, my PC started doing X, Y, and Z. Should I be concerned?"


You could have LEAD with that, as the condition/subject, rather than speculate on the cause. 


* Bad: "He's in my phone! Help me!"


How are we supposed to help if you can't even provide details about what phone make/model, what OS level, and what made you suspect someone's in your phone? So now, we have to spend another back-and-forth trying to solicit details out of you. THEN we MAY be able to offer some suggestions. 


BONUS TIP: Please don't include opinions, like "I'm sure it's my ex who had taken a cybersecurity course / ex-government job / secret agent". You'll attract attention of trolls. 


-----


For those of you answering, please limit your answers to the 2 C's of answering... (suspected) Cause, and Correction (Remediation), or solicit Confirmational Evidence... or perhaps, inform OP that the question is off-topic. 


**Confirmation(al evidence) -- OP needs to provide more details so we can narrow down the cause / correction**


Please explain WHY more details are needed. Sometimes, it's obvious, but it's better to overexplain than underexplain here. 


**(Suspected) Cause -- i.e. what do you think OP was afflicted by**  


Please also explain how you came by this conclusion, and/or references from a recognized source. Google, Microsoft, AV vendor, Security News, MakeUseOf, etc. 


**Correction/Remediation -- how should OP fix the affliction**


Same idea as above, add reference if possible


Please note that for some Correction methods (i.e. remediation), we do recommend "the nuclear option" i.e. "nuke it from orbit, start over", and it works regardless of cause. So we do sometimes ignore the cause but we would usually explain WHY we do that. 


Also, we do give STOCK answers quite often, as this is a form of tech support. We will copy/paste stock answers, even when we have relatively incomplete info. 


**Off-topic -- OP's question is not cybersecurity related**


A lot of people come here for privacy related questions. "Someone used my photo without my permission", "someone is harassing me online by impersonating me", and so on. Refer them to /r/DigitalPrivacy. For people asking about Sextortion, there's /r/Sextortion. There's also /r/phishing or just /r/Scams 


DO NOT DO: pass judgment on OPs actions, attitude, condition, etc. We are here to SUPPORT (within limits). Simply don't mention anything else. Limit reply to the statements provided (the portions that seems factual, not opinions) 

Labels:

Comments

Post a Comment

Popular posts from this blog

I finished Google Cybersecurity Certificate in 5 Days. What did I learn?

As of May and June 2023, there were a lot of buzz about the Google Cybersecurity professional certificate issued in conjunction with Coursera.  So I took the 8 course certificate program, and I was able to finish it in 5 days (May 31st to June 4th), which is so fast, it was within the 7 day trial period, so I did not pay anything (normally $49.00 USD).  I did go in with a couple unfair advantages: * I already know SQL * I already know Python * I was an IT professional  * I have taken a cybersecurity intro course before * I was also between jobs so I have a LOT of time to dedicate to studying * I have taken many Coursera courses before (back in early 2020) So is the course any good? I think it is a good course for people who have no idea what to expect, and this will give them a taste on what a job in cybersecurity will involve. The video lectures are relatively short, and there were a LOT of emphasis on the non-traditional non-technical background of many of the Google em...
Post a Comment
Read more

6 tips to finish a Coursera Certificate Fast! (from the guy who did it in 5 days)

Hi, I am Captain Chang, an IT professional, and veteran of multiple Coursera certificates, most of them finished in 10 days or less. Recently, I finished the Google Cybersecurity Certificate in 5 days. A link to that video is in the description.  To me, Coursera education is a cheap introduction to a career you are considering, from data science and information technology to cybersecurity and user interface design, and a lot more for less than $50 a month. However, to get the most out of Coursera, there are some strategies you should follow.  While the strategies I talk about after this mainly applies to the the cybersecurity certificate, most of the tips should work in general toward other technical Coursera professional certificate programs as well. 1. Understanding how Coursera payment works Coursera is usually organized around "certificate programs", which has several courses. For example, the cybersecurity certificate course from Google / Coursera has 8 courses. [insert ...
Post a Comment
Read more

I Got Both Google Cybersecurity and and ISC2 Certified in Cybersecurity. Should You?

The Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are two of the most popular cybersecurity certifications available. Both certifications cover a wide range of topics, including network security, application security, and security operations. However, there are some key differences between the two certifications. Both Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are considered entry-level certifications The Google Cybersecurity Certificate is very friendly for people who did not come from a computer background, but if you already know IT, Linux, SQL, or Python, you will have an advantage here. You will also learn some practical cybersecurity tools, such as SIEM and Splunk log reading, and you will end up trying to write incident report logs, short analysis reports, and so on.   The ISC2 Certified in Cybersecurity is more focused on theoretical and base level knowledge, with a bit more discussion on the differences among in...
Post a Comment
Read more