I run a fairly high profile drupal site - and this has always been a large concern for us.

Our solution was basically to disable user logins completely. An overwhelming number of the exploits require you to login, so by removing this prerequisite, we basically avoided the problem.

Security isn't exactly a priority for drupal either, it's almost added as an afterthought. To put things in perspective, their login page doesn't even support SSL by default in either drupal 5 or drupal 6. To me that's verging on pathetic.

We were lucky because user logins weren't a core part of our site concept when we implemented the site, but I am now thinking that it might be a good way to go in the future, but I'm mostly petrified of this problem.

On the bright side of things they include a large number of extensions, and things mostly work as advertised, so we found this to be our best option out of all the open source CMSes we tried.

I'm really curious if the various mechanisms for running homebrew applications still work.

I have an R4 chip from my regular DS - my guess is they've closed up whatever hole was opened and a new method will be found, but has anyone tested this so far?

I went to Postgres East last week and won an ASUS EEE PC 1000. It has the 40GB SSD, 1.6ghz Atom and Linux installed.

Unfortunately I can't install a raw install of OSX on it (like the mini9 can) so I'm looking to sell this one.

They opened it at the conference to show to other people, but it's unused and has never been turned on.

I'm asking for 375... email me if interested