Just what is ‘common sense’?

When it comes to internet safety, one of the most oft-cited pieces of advice computer professionals hand out is this:

Use common sense.

One of the most common responses is this:

Great. Just what, exactly, is that?

When it comes to technology and safety, “common sense” is incredibly important, and yet incredibly ill-defined.

Let’s see if we can define it a little. I think many of the “rules” will sound familiar.

Become a Patron of Ask Leo! and go ad-free!

If it sounds too good to be true…

As we see so often, many malicious incursions mask themselves as promises of things that seem irresistible.

Practical examples of offers that really are too good to be true include:

  • Many “free download” advertisements.
  • Software that promises to “speed up your computer”.
  • Ads that include the phrase “one stupid trick to…” or variants there of.
  • Click-bait headlines that include the phrase “you won’t believe” or “will blow your mind” or similar.

One key to most of these items, beyond the fact that the promises they make seem extreme, is that you weren’t looking for them when you found them. (Though naturally they also appear when you are looking for something related.)

Look at any web site and you’ll see advertisements. Many are legit and well positioned, but many others are little more than over-the-top attempts to get you to click or download whatever it is they have to offer.

Particularly when you’re not looking specifically for something, don’t fall for extreme or outlandish claims. They are:

  • All too common
  • Very often completely false

The same can be said of most forwarded hoaxes and urban legends, as well as many “news” stories on not-quite-reputable or even satire sites.

Common sense tells us that if it promises too much, if it seems too extreme, if it seems too astonishing … then it’s probably completely false. Don’t waste your time.

Common SenseIt it ain’t broke, don’t fix it

Often following over-inflated promises such as those I just mentioned, or out of desperation, I often see people trying to do things to their computers that, quite simply, have nothing to do with anything they’re actually experiencing.

  • They’re trying to solve speed problems they don’t have.
  • They’re trying to remove malware that’s not present.
  • They’re trying to update software that they don’t run.
  • They’re trying to fix problems that have nothing to do with their computer.

The list goes on.

Now, I get that each of those assumes a certain amount of knowledge. How do you know you don’t have a specific problem? How do you know that malware’s not present? How do you know that the problem you’re experiencing is with the website you visit and has nothing to do with your computer?

That’s a fair concern. But if you don’t know that you have a problem, then why are you trying to fix it?

So turn the thinking around.

Common sense means don’t do something because you might have a problem – do something because you know you have a problem

Research the problem first. Confirm you actually have a problem that needs fixing before you try to fix it.

I’ll talk about research shortly.

Free is never free

The old economist’s acronym is TANSTAAFL: “There ain’t no such thing as a free lunch.” That’s exceptionally true on the internet.

It should be common sense that every “free” service still has a cost. It may be the advertising you need to look at, it may be the mailing list you need to sign up for, it may be something else entirely, but there is simply no such thing as “free” on the internet.

The most common place people fall into the free trap are advertisements of the form: “FREE Scan! Scan your computer for malware FOR FREE!”.

In reality the advertisement is 100% completely accurate. The scan is completely free. The not-so-free parts? If you want to do anything about what the scan actually finds, you’ll need to pay. It’s a common sales tactic.

And on top of that, less reputable programs will actually lie to you. They’ll warn you of malware and other scary things that you simply don’t have, or simply aren’t issues. All, of course, in a way that will make it appear that giving them your money to fix it is the only way to avoid certain doom.

Which brings us to another important point.

Read what’s in front of you

This is a point that frustrates me when I encounter it. It works like this:

  • A program fails or something goes wrong.
  • The user reacts, gets frustrated or gets lost.
  • The user completely misses the fact that the solution to the issue was included in the error message or descriptive text.

Another, similar, scenario:

  • Someone gets an email and reads exactly and only the first line, which is so outrageous that their reactions kick in right there and they stop reading.
  • As a result they miss the text that follows that removes all outrageousness by putting the statement in clearer context, or by providing additional information.

When it comes to your computer, when something goes wrong, please take the time to read what’s on the screen in front of you. That really is only good, common sense. I get so many questions that could be quickly dealt with had the questioner just slowed down and read the instructions in front of them.

I get that those instructions are not always comprehensible. Honestly, I do. But sometimes they really are so clear and obvious that just taking the time to slow down and carefully read what’s on your screen will get you a long, long way.

Which brings us to the flip side of the coin.

Don’t believe everything you read

I’m a firm believer that people are basically good1.

But that doesn’t mean that everyone is good, or that everyone has your best interests in mind.

Particularly when it comes to the internet.

It’s simply too easy, particularly in today’s exceptionally connected and information-rich world, to spread misinformation as fact. We see it all the time.

Misleading ads are simply one blatant example. The reality is that misleading ads pre-date the internet by decades, if not hundreds of years. It’s just that today’s technology often makes it difficult to distinguish snake oil from valuable and effective medication unless we’re careful.

In reality, the internet can also provide us with a wealth of information to help us separate over-inflated claims from reality.

It can also provide us with even more misinformation.

“It’s on the internet so it must be true” is one of those statements that everyone laughs at because it’s so blatantly wrong, it’s laughable. Common sense tells us that just because something is on the internet has absolutely no bearing on its accuracy.  Yet we see people go off and act as if it’s completely accurate, believing random and misleading statements from vague sources with a less-than-altruistic agenda.

With information coming at you from so many random directions, from sources both reliable and unreliable, it’s critical that we not believe everything we read just because it’s been formatted pretty2 on a site that looks authoritative.

And that brings us to the most important point of all.

Above all, be skeptical

Want something that’s very common sense?

Question everything.

Even me.

Never accept information at face value, particularly on the internet, and particularly from sites or individuals you’ve never heard of before.

Be skeptical. Ask questions. Consider the source, and what that source’s agenda3 might be in spreading its message. Are they being truthful?

Over time, develop a set of resources that you trust. Naturally, I hope Ask Leo! will be one of them, but honestly what matters more is that you reach out and find sites, sources, services and individuals that you trust.

Then use those resources to help you evaluate the constant stream of information and misinformation that’s heading your way.

Yes, that’s a little bit of work. But it’s critical.

Do your research!

Search for yourself. Learn the basics of how to not only use a good search engine (Google, Bing, or others), but also how best to interpret the results. Understand the difference between the advertisements that are presented on the search results page and the actual results.

Look for well-known reputable sites in those results, not just sites that happen to rank highly. As much as the search engines work to make it not so, ranking highly in a search result is not an indication that the site is legitimate or trustworthy.

If you choose to look at information presented by a site that you’ve never heard of before, remember: you’ve never heard of it before! Without more research there’s simply no way to know whether or not the information presented is valid, biased or completely bogus.

Get help. If you’re uncertain how to go about researching a particular topic, there’s nothing wrong in asking for help. You may have more experienced friends or family members who can help you find what you’re looking for. Many librarians have become valuable resources when trying to understand how best to determine the validity of information you run across online.

Regardless of who’s helping you, it’s still okay to be skeptical; when they suggest a site as a trustworthy resource, don’t be afraid to ask them why they trust it.

Look for confirmation, carefully. There are two types of “confirmation”:

  • Source “B” repeating what source “A” has said.
  • Source “B” independently presenting the similar information or conclusion that source “A” did.

The first isn’t confirmation at all, it’s repetition. The problem is that when enough sites and so-called sources are all repeating what only one of them has actually said, it may feel like it’s many sources all coming to the same conclusion. In reality, it’s nothing more than a single opinion repeated over and over, known as the “echo chamber”.

Remember that repetition isn’t confirmation. You want to find multiple sources that are confirming (or denying) the issue, and are all doing so having arrived at their conclusions independently, using independent research and work.

Use debunking sites. I’m a huge believer in using sites like snopes.com, urbanlegends.about.com or factcheck.org or any of several others before reacting to the latest over-the-top, can’t-possibly-be-true news story, tech tip or emailed rumor. Many, if not most, are very timely and do the kind of research you want to see before getting all excited or worked up about what just landed in your inbox.

Use resource sites. For just about any topic there are resource sites. Develop a set of sites that you trust. For example, when it comes to technology, I would hope you trust Ask Leo!. Visit the sites with which you already have that level of trust and see what they say about the issue at hand. As always, I’m not saying that you need to trust them completely, but use them as part of your research to develop your own well-thought-out opinions.

The bottom line is this: if something you run across is worth the effort of your taking any action at all – even if it’s just to forward an email – then it’s also worth it for you to research it first. At worst, it may save you some embarrassment. At best, it could protect your computer, your identity and even your possessions.

Play

Footnotes & references

1: That’s one reason I took on heroicstories.org

2:  Also not new. I’m fairly certain that my good grade on a paper I turned in while in college was due to the fact I’d figured out how to use a word processor to make it look much better than it actually was.

3: And don’t kid yourself, every source has an agenda. More here: Stop spreading manure.

12 comments on “Just what is ‘common sense’?”

  1. “… but there is simply no such thing as โ€œfreeโ€ on the internet.”
    I think the open source community would tend to disagree with you ๐Ÿ™‚
    And even if you want to consider licenses such as GPL, BSD, etc as not-entirely-free, there is plenty of true freeware out there, open-source (where applicable) and licensed with no restrictions. Not only software, but images, music, etc as well (e.g. think public domain). Real free is there if you know what to look for.

    But as far as the “normal” internet consumer is concerned with seeing ads for “free” things, you are of course absolutely right.

    • Although I’m a strong proponent of free open source software (FOSS), I would disagree with you. FOSS does have an agenda too. But it is not hidden, guys like Richard Stallman are open about it, and in my opinion, it is a noble goal, but a goal nevertheless.
      There are many reasons why people write open source. One of them is to acquire reputation, another is to do ego-boosting, and a third one is working towards your own political goals (such as Stallman explains). Probably a fourth and important one is fun and liberty to do what you like to do. By using their software, you are “paying” them with satisfaction in one way or another.

      Now, in as much as I’m willing to believe that there is no *hidden* price to *using* FOSS, I’m absolutely not willing to believe that there is no hidden price in “free services”, because they do incur a financial cost on their providers, which have to cover that cost in one way or another.

  2. Most people, when walking down the street and seeing an item of food lying on the sidewalk, would not even consider picking it up and eating it. Why is it that many of these same people would not think twice about installing an unknown program on their computers? The next time you are tempted to install a program that you didn’t actively search for and research to see if it comes with nasty little “extras”, ask yourself, “would I put it in my mouth”? Sure, it’s a kind of gross way of looking at it, but perhaps you’ll think twice before installing.

  3. Nice article but even the term “use common sense” is misused all the time. What is really meant it “use good sense,” and in this case that means having a good working knowledge of just how some of the nitty gritty happens on computers as well as all the “social” contrivances used to influence and infiltrate the devices as well as the user’s head.

    So while the article’s descriptions of good sense is right on, common sense is very much a subjective term so it really doesn’t get us anywhere.

  4. To keep my computer safe, I won’t click free Malware removal like you recommended. I just wonder I can see 2 free Malware Removal download on this site if you can’t get rid of them? Because you didn’t put them on here? I think some people don’t have much knowledge may confuse and think you put them on here and then may click…

  5. We live in a world where ‘Superman’ Halloween costumes need a label that says “This costume does not allow the wearer to fly”.
    Common sense is as rare as hens teeth, because each successive generation is trained to think less.

    • I understand, Bob. We could simply take the warning labels off everything and let the problem sort itself out. Leo’s point ‘Read what’s in front of you’ seems to be in most folks’ blind spot.

  6. Thanks once again Leo for reminding me to be careful.

    As someone who is too old to have learned computer science in school I have just figured it out as I went along.

    Your informative web site has played a huge part in my education and I have recently purchased your book on backing up with Macrium Reflect (yes, I finally realized I should be doing a better job of backing up)!

    “Saved! – Backing Up with Macrium Reflect: Prepare for the worst – Recover from the inevitable”

    I also read and trust the Bob Rankin site, any others I am extremely wary of.

    Please continue to share your knowledge in the understandable way that you do.

  7. Leo: I was waiting for you to get to specifics and was disappointed at the generality of your warnings. I often get phishing emails from my bank, paypal and my ISP but most of the time they are unbelievably obvious if you look at their internal data. Frequently they come from some crazy source like openbeach.com even though they are claiming to be from a known institution. They frequently have return email addresses that have one value in the Reply section and another value in the body. If you hover over the link that they urge you to click on it often has a geographical domain in Russia or South Africa or elsewhere. I get multiple short emails from women offering various ways to f@-k me (their disguises) because their husband or bf is inadequate but when I hover on the return addresses they are always the same ending in php?=a week after week, which I guess is a server instruction. So I guess they are all from the same place. I assume that malmail has a reasonable success rate so there must be computer users without the common sense to open their eyes and look. Not your subscribers of course.

  8. Get to know what a legitamate alert from your virusscanner looks like! The best way to do this is to go to and copy the Anti-Virus Test String. Open Notepad (or equivalent), paste it in, and (try to) save it as “eicar.com”. If your virusscanner is correctly configuted, it won’t even LET you — it’ll stop the save dead in its tracks with a dire virus alert! The eicar test string is DESIGNED to be used by the anti- vitus community to test their scanners, so even though it is totally harmless, a virusscanner should respond to it AS IF it were a dangerous virus.

    Take a close look at the alert your virusscanner displays. Learn to recognize it. Then there’s much less chance you’ll be taken in by a fake alert on the Web!

    Finally, if you have the SLIGHTEST doubt of the authenticity of any such alert, DON’T CLICK ON IT, not even to close it! Call up the Task Manager (or equivalent — but Process Hacker is better) and kill it off from there. Then, manually call up a Full Scan in your own virusscanner!

    Hope this helps…

Leave a reply: