But there are a million other things I want to sink time into improving. Music, my Starcraft MMR, boxing. To finish a day hacking and coding, come home, and - for months, if I want good results - do more hacking and coding feels like an exhausting prospect. Even if the scenario is fun, it feels contrived.
I'm not presenting any solutions. Maybe I'm just not the target market, because I don't have the desire right now to code all day and then code some more. But I wonder how big that target market is?
Tell me about it. Speaking only for myself, I have near-constant coder's guilt - a term I just made up to describe the nagging voice in my head that keeps telling me I should be coding more in my free time. It sounds something like this :
"somewhere a rockstar wizard ninja is writing a C compiler in Haskell and here you are wasting your time with Overwatch, you miserable slacker"
edit: Just read what this thread is about. I really like to program, so much so that I usually find an hour or two per day to code (not every day, check my github streak if you want) Usually it's between 11pm and 1am, after dinner, after a movie with my partner, when she's playing a video game or watching a series, I do some coding.
So I also play video games or watch movies. I like competitive games, mostly SC2, DotA and now Overwatch, but I don't worry about my MMR the way I used to when I played over an hour per day. Compared to achieving a high MMR building a ninja rockstar software project like a C compiler in Haskell is easy. Who is going to compete with me? It's a crazy idea anyway! I just work on it a couple hours per week, and after a year or two it'll be an impressive project no matter what. It's got everything I learned in it.
Regaining the MMR I had in SC2 back in University will take me months of hard practice, but when I feel like continuing my C compiler, the commits are still there. The C compiler stems from a deep passion I have and a deep frustration I feel with the state of the art, that's why even if I don't dev on it for a few months, I'll go back to it eventually and continue. So... I can relax and play Overwatch for an hour or two, no worries. (Overwatch is much more forgiving than SC2 or DotA btw.)
: If I'm wrong and you're doing 10-12 hours of productive code a day, then good god man, what's your secret?!?
Today was a good day and I spent about 6 hours staring at code at work, and maybe will get about a half hour of hobby coding in before I go to bed. I would agree that anything above 8 hours of real coding is pretty superhuman, though it looks like some people on github are achieving it.
Haha what an unexpectedly fantastic response. Kudos on your cool side project, and triple Tracers sounds like the pinnacle of frustration :P (is this a new meta? I was just watching a top tier EU game where one team rolled 3 tracers + 2 winstons)
> Overwatch is much more forgiving than SC2 or DotA btw
Couldn't agree more. I personally find SC2 almost too stressful to play competitively these days (as a 30 year old fogey), and the match length of your typical MOBA is also a major turn off for a casual like me.
> So I also play video games or watch movies. I like competitive games, mostly SC2, DotA and now Overwatch, but I don't worry about my MMR the way I used to when I played over an hour per day. Compared to achieving a high MMR building a ninja rockstar software project like a C compiler in Haskell is easy. Who is going to compete with me? It's a crazy idea anyway! I just work on it a couple hours per week, and after a year or two it'll be an impressive project no matter what. It's got everything I learned in it.
I'll be using your experience for inspiration. I also love coding - particularly once I get started - but lack the discipline to make a habit out of it in my spare time. Hopefully in a few months I'll have some similarly interesting work to show for myself :)
I'm 29, experience the same with SC2, it's just not fun if all you can do is to learn the meta and polish your mechanics.
Whatever you build, make sure it's test driven! Nothing beats sitting down to work on your project and the only thing you need to do is to run the test suite to remember what you should work on next. It also helps you chop your project up in fun achievable sized bits. I make it a point ending every session with 1 red test.
"somewhere a rockstar wizard ninja is building a passive-income side project and here you are wasting your time tending a garden and working in your woodshop, you miserable idiot with stupid priorities."
After doing tech for 15 years, that sounds glorious.
I want to be able to make something, I also really want to be able to finish my progress on cryptopals, or finally get a real bounty on hackerone, but I'm just not good enough.
And I get caught thinking, well if I just didn't spend so much time playing computer games, or wasting time I could do that stuff.
But is it true, or am I just using them as an excuse, so I don't have to face up to the fact I'm just not that good at it. It's easier to blame my laziness than blame the fact that I struggle to produce output and struggle to find meaningful vulnerabilities.
If I ever do find myself unemployed, then I'd hit stockfighter up straight away, that would I guess give me the motivation to work at the stuff. I think there's a fundamental "understanding gap" between me at the problems presented though. In the same way that I can look at a demo scene write ups and understand the concepts they're talking about but there's this vast chasm between the work I do and the work they do, and it's not clear how to bridge that gap.
Maybe I should read less hacker news and spend more time practicing the craft. But hey, I'm back in the "if only I worked harder" trap.
 Sure, I can find open redirects, maybe the occasional http subdomain leaking a cookie from the https root domain, maybe even an open endpoint, but finding vulns worth paying for is difficult when dealing with sites which already care enough to have bounties.
 It's not about the money, I'd likely not even claim it given the typically small amounts paid out and the hassle of declaring it, but I'd like to bag a bounty for pride sake.
No time spent playing Overwatch is time wasted.
I like that people are evaluating this against things like Overwatch, because for me, Stockfighter is a form of entertainment. I still play video games occasionally, but in my growing adult years, I'm not able capture that same rush from winning.
Not so with CTFs. Maybe it's because I'm a relative newbie, but the dopamine rush I get from winning a level is incomparable. There is something about a solve, when you get that brainfeel where you just understand completely what is going on, that is unique. Perhaps that's what black hat hackers feel when they p0wn a system. The closest recollection for me is when I smashed through that top level brick in World 1-2 of Super Mario Bros, and I could run across the roof to win the level.
Mean feedback about the UI, especially if accompanied by an even meaner summary of what you'd rather the UI does instead, is most welcome.
(Erin's Calcifer tattoo is taking longer than expected, so if you want to wait like another 15 minutes before doing whatever unforeseen sequence of things in the UI that will hard-panic all the servers, your timing will be perfect).
edit: also, the password reset link doesn't go anywhere.
I see some discussion of "files", but seem unable to list them or explore the filesystem. I don't know if this in-game filesystem is supposed to be on the "AVR" device or an imaginary "developer machine". Where do the outputs of running commands like "compile" go? Why can't I inspect the compiler? What actually comprises the state of the system I'm interacting with? If this is notionally to find good developers, why is the UI sandboxed inside a web browser, where building and using tools (which is what good developers and reverse engineers do) is incredibly painful?
Half the commands produce no output and make no visible change to any state, e.g. "load garbage". Almost all commands silently ignore extra parameters. There's no tab completion, no history search, commands don't even show up in the output log...
Links and commands seem to randomly be assigned to either always open in new tabs or load in the current tab of the browser, both in the "debugger" and help pages.
Moving through command history puts the cursor at the left hand side of the prompt. There's noticeable latency when single-stepping the program, which is just astounding.
Did nobody try to use this shit, even a little?
* You cannot "explore the filesystem". The "files" are really just bookmarks in case you want to switch between different C-like programs to deal with a level. I hate the UI more than you do, but suggestions very welcome.
* You mean "compile" as in, the debugger command? What would you like it to print? Before we split the source editor off into its own page (it used to live in a tab, and it just didn't work), the CLI was an important way to interact with the compiler. Now the command is vestigial. I suppose I could just make it print out the bytecode instructions from the compiler.
* What does "inspect the compiler" mean?
* How can I surface the documentation that explains the relationship between the compiler and the system so that it is more apparent that it exists? It's clear you didn't see it.
* Hate the web interface? You're in luck! https://starfighter.readme.io/ --- skip to "Microcontroller API reference".
* I have a hit list of improvements to the command line, but if you have more suggestions, I'd be happy for them.
* The "latency" you're seeing when you single-step programs is... the network? The clientside UI code?
Just a little, is the answer to the last question.
It seems strange that there are a set of names associated with blobs of data (source code) but the tools for managing that name->blobs map (querying which names are mapped, removing a mapping from the map, etc.) are incomplete. The source code editor allows views and updates, but I don't see how I would do garbage collection, and one can't perform views or updates from the debugger, but is expected to refer to the names there (in the "compile" command, and possibly others?).
Also about the "compile" command in the debugger (which is what I meant), it's unclear what state is mutated when I type "compile level_1.cg" and hit enter--it claims to have compiled and loaded 361 bytes, but I don't see a location into which they were loaded (checking the memory tab shows 32 bytes that don't resemble a program binary... is there somewhere else I should be looking?). If I subsequently type "run", it claims "no valid compiled program loaded". Is the program that I compiled and which was reportedly loaded not valid? Or do the "compile" and "run" commands' output refer to different notions of "loaded"?
By inspecting the compiler, I mean seeing what it does and how. Is the compiler inside or outside the trusted codebase of the handheld trading thing? Is there a way to hand-craft bytecode?
I also don't really understand why "compile" would load anything into anything else. Maybe there's a more clear name for the command?
Or, if you can remove the entire command prompt in favor of a more streamlined read-edit-test workflow, that seems ideal in terms of intelligibility. I would suggest making the programmatical interface more prominent (present it as a first-class alternative to the Web one). Since the idea of the site seems to be demonstrating developer ability, I expect many users will be put off at the notion of using a Web UI to do significant amounts of programming; even JS coders don't live in the one-line REPL of a browser inspector.
How do I get to those docs? I browsed the list on the left of https://www.stockfighter.io/trainer/dox but didn't see anything that explained where programs are stored after compilation. The "Command Reference" mentions compile, but the relationship between compile/run/flash/vmload/vmexec isn't clearly described; is "run" simply a convenience wrapper around the others (excluding compile)? What does the "vm" prefix imply? Why does compile take an argument, but the rest don't? Is there utility in, say, compiling and flashing, but not vmloading, a program (e.g. cache invalidation if we can flash underneath a different running program)? Or is this needless flexibility?
I originally skipped the guided tour, figuring that since I'm familiar with machine-level debugging and AVR in particular it would be a waste of time, but now see that it explains some of the expected workflow, though it's mixed with explanations of basic architecture concepts.
The source file thing is definitely strange. I could just lose it entirely; save your own files! That's how the termbox client works. It made slightly more sense when it was driven from the CLI.
"compile" in the debugger is vestigial, but if we think it makes sense to have it do something useful, let's have it do something useful. I'll have it do what the compile button does, and also print a summary of the generated program. It'll be immediately clear what it does. I'll make "load" do something sensible too.
I think more people want me to have a command line than want a completely streamlined interface, but I think I have some work to do on making the command line work better.
There is utility, later on, in looking more carefully at the individual steps of getting a program to run, but there is not much utility to it in earlier levels. I can hide those commands earlier; I didn't because that'd be kind of a tell. Earlier on this year, I wanted this interface to capture more of the annoyance of figuring out a realistically complicated target (rather than it being immediately clear what your objective was), but I'm moving away from that now.
It's definitely very tricky to write documentation for this that makes sense to reversers or embedded devs and that works for the people who've never done any of this kind of stuff. Maybe I shouldn't be trying to accomplish both things in one set of documents!
My #1 takeaway from your original comment: I need to do an audit of all the command line commands and have them all be discoverable by running them and seeing what happens. That is definitely not the case right now, and it's a very easy gap for me to close.
There shouldn't really be anything you can do in the web interface that you can't do in the API.
- When the PC jumps, the highlighted instruction doesn't follow, leaving you lost when stepping through a program
- Can't hit enter on a blank line to repeat previous command
- No 'finish' debugger command?
- Seem to end up in random functions when stepping over simple instructions
- Am I supposed to type 'flash' or 'run' to execute my compiled program? Sometimes the one I just compiled gets executed, sometimes the one I compiled previously - how can we view what's being executed?
I really enjoyed microcorruption, and thought that UI was fine, but this feels like a step backwards.
Putting the compiler in the debugger was how it used to work. Everyone hated it. Also: it's using Ace, which really grinds Chrome. I can easily add a pure textarea tab that will let you edit code, if you _really_ want it.
To run a C program, do one of two things:
* Compile it in the source editor, which will generate a blob of compiler output (which is deliberately not documented) that the browser will cache.
* Use the "flash" command to write it to SPI flash.
* Use the "vmload" command to send a SPI message to the AVR to reload the program from the SPI flash.
* Use the "vmexec" command to send a SPI message to the AVR to execute the program.
* Compile it in the source editor
* Type "run", which does all the rest of those things.
I like Microcorruption's UI, too. I gave this one more to do. I agree: it's not there yet! Working on it. How elaborate do you want the web-based debugger built on this API to be? :)
(I'm serious: thanks for the feedback. This section of the thread is the stuff I was hoping to get).
The biggest pain point was figuring out what was executing. As I mentioned, I would be playing around in the compiler, hit compile and save, and then attempt to run it in the debugger. The 'run' command either seemed to have no effect, or would run a previously compiled program, not the one I'd just written. Even typing 'reset' didn't help.
The memory didn't seem to be updating in real time either, which made things even more confusing!
Running in Firefox if that makes a difference.
More generally, it's not actually sandboxed inside a web browser, you can interact with system through REST-ish API as well. see https://starfighter.readme.io/docs/retrieve-device-status for some documentation on that. It's obviously pretty inconvenient to get a full debugger type experience that way, but I don't really see how they could make it less sandboxed, given the constraint that the authoritative copy of everything must run on their servers for security.
I do wish all the commands gave some sort of feedback, load in particular is super frustrating that way.
Did you write a C program, click the compile button, and now want to run it? Just type "run".
There's an in-game reason why we break out the flash/load/exec commands the way we do, but "run" does all the fiddly steps.
I like the different load/flash/vmload/vmexec commands, I've certainly needed to stop at points in the middle to inspect the debugger state.
Yep, like "compile", that command is vestigial (the source editor used to live in a tab, and, ironically, the file saving stuff made more sense that way, driven from commands on the CLI).
Yep, I can make "load" do that. Give me a few hours, though! It's an easy task, but I'm tethered through my iPhone right now.
Isn't that moving a bit beyond useful or informative and helpful to a discussion to aggressive and antagonistic? Is this free game/tool/resource actually causing you that much agitation?
I'm glad, as one of the people it was directed towards, that you can take it positively.
Having a hard time parsing this. Do you find underpriced talent and help them get paid more?
Susie creates a novel solution to one of Stockfighter's games. Stockfighter uses that solution as evidence to present her to companpanies as a great engineer. She gets job offers for more money, challenge, and satisfaction than she currently has.
How does this solve Susie's problem?
Not all of them have problem solving skills that translate well across different technologies.
It's not about looking for people that meet a specific checklist of tools/languages, it's about finding people who can solve problems - even in fields they are not familiar with. The latter is far more useful trait for an employee to have.
It's definitely not equally applicable to everyone, and that's ok.
While it's a great service, this takes a lot away for people who are great programmers but might not be great technical interviewers.
Nobody wants to eliminate tech job interviews more than I do.
Trust but verify.
Are you sure? Tech companies you've heard of on the west coast (other than Amazon) are paying their most junior people at least $100k. When I looked at big boring insurance companies in the Midwest (toying with the idea of staying close to home) I was seeing closer to $50k for entry level and $80k for mid-career.
You might not think a position at an insurance company sounds interesting, but if the CTO starts explaining their plan on integrating their major departments with a new application they are developing from scratch (and maybe you get to help make ground floor decisions, like language), and needs to contain some interesting data warehousing to make sure that the statisticians and actuaries can access the data in heretofore impracticable ways, that might just tickle your fancy.
I'd imagine there are other specialized software engineering fields with similar problems.
This is just an early demo version. It's going to get pretty bananas in a few weeks. Noisy testers are very welcome; we're going to start spoiling the "full CTF" levels next week for beta testers.
- if you want to find a better paying job, take each lunchtime and call every job advert you qualify for that pays 20k more than you earn. Do this for three months. You will get the raise.
- even better is to supplement this with LinkedIN, blog posts, network maintenance (when did you last have call or have coffee with your previous boss?)
- do this for the next three jobs.
You are now at the pay ceiling for your skill set. Well done.
Start your own business, preferably selling something that scales (your time does not scale and you are selling it at pretty much the max - say 100-150k)
The people behind starfighter are brilliant and I respect them big time. So, probably they know what they're doin. I am excited to see how they want to solve dev hiring since starfighter looks more like a product that does filtering, not sourcing.
(I am thinking since a long time to build something that leverages Github to find and reach out to engineers; e.g., when a company looks for Angular people to just parse the Angular repo for engineers that watch / contribute to the repository and reach out to them. if you have any ideas on this or want to help, please shoot me a message).
Unfortunately, changing that appears to be a very tricky social problem. It's going to take a recruiter (or recruiting company) with such a great reputation and track record that companies trust that recruiter's judgement in personnel implicitly. But how?
I poke around every now and then on stockfighter but am definitely not looking for a job change in the near term. Is this use case something y'all support?
Technical comment: "forgot password"-link is not wired to anything? Not working for me on FF at least.