In some of my circles, I am seen as the “technical” person, which means that all sorts of questions get sent my way.

I have always thought that I am a pretty poor choice for a teacher, because you know how teachers say “there are no stupid questions”? Well, even if I wouldn’t say it to your face, I most certainly feel I have been asked stupid stupid questions.

I wanted to write a quick blog post explaining what I think makes a good and a bad question.

Firstly, ignorance does not make a bad question. It is not my point that people are expected to know everything (if that were the case, my own questions would be bad—questions by nature require a lack of knowledge on something). But I think the vast majority of bad questions fall under “unanswerable” questions, or more accurately, questions that are answerable but where the answer is probably not what you actually want to know.

Take this question as an example we will examine:

Is it possible to retrieve disappeared Signal messages?

The answer to this question is “yes”.

That’s not what you were looking for, was it?

So what is the real question?

The real question is:

The police have claimed they accessed my disappeared Signal messages. Are they lying? If not, how did they do that?

To a non-technical audience, these questions may seem more or less the same, but the two questions in the new question are the crucial difference, because these two questions are related. In order to determine whether or not the police were lying, we need to know how they may have done so.

For example, one way in which a “disappeared Signal message” could be accessed by the user themselves is through a linked device; a message may have disappeared from your phone, but as messages are disappeared client-side, it may not have disappeared on a linked desktop device.

This helps us answer the question “are they lying?” because if you don’t have any linked devices (i.e. you only have the one Signal client), that rules out that possibility.

This isn’t a post about Signal security, and I’m not going to speculate on all the possible ways one could access a Signal message that has disappeared.

But let’s go back to our revised question. Note that it starts with:

The police have claimed they accessed my disappeared Signal messages.

This provides context, and even if you don’t know what exactly your question is (as is usually the case with non-technical people asking technical questions), it helps me to guess what your question actually is, and to understand what you need to understand. Compare to:

Is it possible to retrieve disappeared Signal messages?

This gives zero context. I can tell that this question is most likely not what you actually want to know, but I haven’t been given anything to help me figure out what you do actually want to know. Knowing that you are talking about a scenario where:

  • The threat actor is the police
  • The police have physical access to the device
  • The police have ostensibly unlocked the device, or read the drive of the device

makes it so much easier to give you relevant information.

In general, “is it possible” questions are bad questions. That may be a controversial statement, but it is one I believe. The answer to “is it possible” questions, especially ones posed by non-technical question-askers, is usually “yes”, but that doesn’t help you, does it?

A non-technical reader may be asking, “well if the answer is yes, why don’t you elaborate and explain how?” But there are many ways to do any given task, and “is it possible” questions are usually for a very vague task. If I just start answering with a possible way to do something, I know it is most likely I will give you irrelevant information.

It’s likely that I’ll end up sending this post in response to unanswerable questions I get. If this is you, please don’t take offence. This post is a prompt to go back and ask a new question, so that it can be answered, and so that ultimately I (or whoever sent you this post) can actually help you.