Proposed update to help center to decrease quantity of off-topic/migrated questions

Question

I have noticed over the years that we get a lot of questions that are not information security specific, and are subsequently closed or migrated to a better site. While the migration process isn't a huge deal, it still creates a lot of clutter and moderation that could be avoided if users knew the proper place to ask.

It makes me wonder if the guidelines aren't clear enough. On our help center, it has this quick statement about other possible sites:

Questions on setting up your home PC antivirus may be more appropriate over at superuser.com; and questions on the deeper aspects of cryptography belong on crypto.SE.

Ok, but what about questions for programming with security libraries (Stack Overflow), configuring Kali or setting up GPG (Unix & Linux, Super User), troubleshooting your server's TLS configuration (Server Fault), or reverse engineering a binary (Reverse Engineering Beta)?

While most of these are common sense to a lot of us, someone who is new to Stack Exchange probably won't know, and might think their question is on topic here. The help center doesn't really prohibit those types of questions, even though there are better fits elsewhere.

Compare this to the Crypto Stack Exchange help center. For brevity, I won't copy it all here, but the "I'm confused as to where my question belongs; there are so many sites!" section specifically addresses most common off-topic scenarios. There is even a whole section afterwards explaining Crypto vs. Security SE.

As a result, I propose creating a similar list for the Security SE help center that outlines common off-topic areas, and suggests where the questions may be more appropriate. I don't know the process to change this, but I would hope it would decrease the volume of migrated questions.

Unfortunately, we can't guarantee that people read the help center when starting out. But for those who do, shouldn't we be more clear about what is off topic?

Answer 1

The following is a rough draft of the proposed section.

As there are many sites in the Stack Exchange network, some questions that are only loosely security-related may be a better fit on a different site. If you're still unsure if you should ask your question on Information Security Stack Exchange, feel free to ask in our chat or on our meta site.

Below is a list of common question topics that may be a better fit for other sites. Before you post on another site, please read the particular site's help center to ensure your question is appropriate for that site.

• Programming:
  • If your question is about using a cryptographic/security library or programming interface, you may ask it on Stack Overflow. The same applies if you need assistance implementing or debugging a particular piece of code.
  • If you are looking for someone to review your code, ask on Code Review.
• Cryptography:
  • Questions regarding your organization's cryptographic policy and practical usage of said crypto may be on topic here.
  • Questions about using cryptographic-related software (e.g. GPG) may be a better fit for Super User.
  • Questions regarding the internals of cryptography may be more appropriate on Cryptography.
  • Questions about specific cryptocurrencies may be best answered on their respective sites; Bitcoin, Ethereum, Monero, Iota, or Stellar.
• Using or configuring software/hardware:
  • Questions or issues with configuring servers to use security-related features may be better served at Server Fault; e.g. setting up a VPN server or installing TLS certificates for a web server.
  • Questions with a non-security nature about usage of end-user tools/systems may belong on Super User or Unix & Linux as appropriate.
• Recommendations: Software/library recommendations may be asked about at Software Recommendations.
• Reverse Engineering: Questions about reverse engineering a system may be asked on Reverse Engineering.
• Laws: Questions regarding the legality of various information security practices may be asked at Law.