You asked Cliff Schmidt, founder and executive director of Literacy Bridge, about charity, education, and the "talking book", and he has answered your questions with a fair amount of detail. Cliff asks that if you are interested in getting involved please don't hesitate to donate either your time or your hard earned cash.

Michael J. Ross writes "Many Web developers wish to create e-commerce sites that also support collaborative editing of content, community forums, and other features that can increase traffic to the sites. But most shopping cart products do not include those capabilities, or, if such third-party add-ons exist, they may be quite limited in functionality. Similarly, most if not all content management systems (CMSs) lack native e-commerce capabilities. Yet that barrier is being overcome, because a handful of e-commerce modules have been created for the most popular CMSs. Perhaps the most promising pairing, at this time, is Drupal and the e-Commerce module — a combination covered in the book Selling Online with Drupal e-Commerce by Michael Peacock." Keep reading for the rest of Michael's review.

Last week hundreds of you posted questions for Slashdot's CmdrTaco, AKA Rob Malda. Today we present his answers to 10 of the highest-moderated questions. CT: You can continue to sign up for 10 year anniversary parties but we're already working on shipping shirts so you won't be able to get a care package... but you can still try to run for the big grand prize by just taking videos of pictures or just doing something cool at your parties to prove that we should have been there.

Michael J. Ross writes "Computer programming books come in all varieties, but there are at least four general categories: introductory texts, which typically have the lowest content per page; language references, which have become increasingly supplanted by online sources; "advanced" treatments, which are often a mishmash of errata-riddled articles; and "how-to" books, usually at the intermediate level, and sometimes presented as "cookbooks." It is that last category that has been growing in popularity, and for good reason. When an experienced software developer needs assistance, it is rarely for language syntax, but instead a desire to see how someone else solved a specific problem. For solutions using the PHP language, one source of information is PHP 5 in Practice." Read the rest of Michael's review.

Anml4ixoye writes "I recently got sent a copy of Bruce Tate's newest book Beyond Java - A Glimpse at the Future of Programming Languages. Having read Bruce's Bitter Java and Better, Faster, Lighter Java, I was intrigued to see what he would have to say about moving beyond Java. In short: If you're a hard-core Java (or to a lesser extent, C#) developer who thinks Ruby is something that goes on a ring, Pythons will bite you, and Smalltalk is something you have to do at parties, you are in for a rude awakening." Read the rest of Cory's review.

You posted a lot of great questions for Mike Nash last week, and he put a lot of time into answering them. As promised, his answers were not laundered by PR people, which is all too common with "executive" interviews with people from any company. Still, he boosts Microsoft, as you'd expect, since he's a VP there. And obviously, going along with that, he says he likes Microsoft products better than he likes competing ones. But this is still a great look into the way Microsoft views security problems with their products, and what the company is trying to do about them.

Shalendra Chhabra writes "Jonathan Zdziarski has been fighting spam since before the first MIT spam conference in 2003, and has now released a full-on technical book, Ending Spam, on spam filtering. Ending Spam covers how the current and near-future crop of heuristic and statistical filters actually work under the hood, and how you can most effectively use such filters to protect your inbox." Read on for the rest of Chhabra's review.

cluge asks: "It seems that several large providers give their users DNS servers that simply ignore DNS time to live (TTL). Over the past decade I've seen this from time to time. Recently it seems to be a pandemic, affecting very large cable/broadband and dial up networks. Performing a few tests against our broadband cable provider has shown that only one of the three provided DNS servers picked up a change in seven days or less. After turning in a trouble ticket with that provider - two of the three provided DNS servers were responding correct - while the third was still providing bad information more than two weeks after that specific change. What DNS caches ignore TTL by default? Is there a valid technical reason to ignore TTL?"

Larry Sanger was one of the moving forces behind the pioneering Nupedia project. That makes him one of the people to thank for Wikipedia, which has been enjoying more and more visibility of late. Sanger has prepared a lengthy, informative account of the early history of Nupedia and Wikipedia, including some cogent observations on project management, online legitimacy, dealing with trolls, and other hazards of running a large, collaborative project over the Internet. As Sanger writes, "A virtually identical version of this memoir is due to appear this summer in Open Sources 2.0, published by O'Reilly and edited by Chris DiBona, Danese Cooper, and Mark Stone. The volume is to be a successor to Open Sources: Voices from the Open Source Revolution (1999)." Read on below for the story (continued tomorrow). Update: 04/20 19:19 GMT by T : Here's a link to the continuation of Sanger's memoir.

scubacuda points out this CNET story, writing "In addition to beefing up its storage (100MB -> 250MB), Yahoo! Mail has implemented Domain Keys to find spam. The idea is simple: give email providers a way to verify the domain and integrity of the messages sent. Sendmail, Inc. has released an open source implementation of the Yahoo! DomainKeys specification for testing on the Internet and is actively seeking participants and feedback for its Pilot Program. Yahoo! has submitted the DomainKeys framework as an Internet Draft, titled 'draft-delany-domainkeys-base-01.txt,' for publication with the IETF (Internet Engineering Task Force). The patent license agreement can be found here."

Steve Loughran writes "It's been pretty quiet in public on the SiteFinder front, but it does not mean that VeriSign are accepting defeat. On October 15, the ICANN Security and Stability committee met to discuss it, as can be seen from the long transcript. The new item from this is a VeriSign review of Site Finder, which is very interesting." Loughran further analyzes the Verisign presentation, below.

It's time to crank up the Slashdot Interviews for 2003, starting with answers to your questions for Nagios developer Ethan Galstad. He went far beyond and above the call of duty here to give you what amounts to a veritable "Free Software Project Leader's FAQ" that anyone who has ever thought about starting his or her own project ought to read. Thanks, Ethan!

Eric Blossom has responded to your questions about GNU Radio. He notes that he's gotten a lot of inquiries from people wanting to help out, and that they have their "hands full with the software and are hoping that some other folks will chip in on the hardware", so if you're interested in assisting, go to it.

Dare Obasanjo contributed this followup to an article entitled The Myth of Open Source Security Revisited that appeared on the website kuro5hin. He writes: "The original article tackled the common misconception amongst users of Open Source Software(OSS) that OSS is a panacea when it comes to creating secure software. The article presented anecdotal evidence taken from an article written by John Viega, the original author of GNU Mailman, to illustrate its point. This article follows up the anecdotal evidence presented in the original paper by providing an analysis of similar software applications, their development methodology and the frequency of the discovery of security vulnerabilities." Read on below for his detailed analysis, especially relevant with the currency of security initiatives in the worlds of both open- and closed-source software.

abartlet writes: "Samba is celebrating its 10th birthday - initally released as Andrew Tridgell's humble 'Server 0.5' 10 long years ago. Tridge has made some notes on the past 10 years. And Samba is still going strong, becoming a cornerstone of the Linux community. Samba 3.0 is on its way and promises many new features, including for the first time support as a server in an Active Directory domain! But the biggest thanks goes to all those who have contributed code, bugs, testing, docs and feedback in general. We could not have come the last 10 years without you! -- Andrew Bartlett, Samba Team."

The escalating battle between Net-using music fans and the music industry -- like many of those Washington political brawls -- is mired in name-calling. ("You're a thief!" "No, I'm not, corporate pig!") Lots of people e-mailed ideas for new models for distributing and selling culture online in the hope of moving the discussion forward. For their ideas, read more:

Edmond Howser wrote in with this story about Archie Comics writing to the owner of the veronica.org website, asking him to "cease all use of the Internet domain "Veronica.org," all use of the Veronica trademark," and hand over the domain to Archie Comics. Turns out the website is about Veronica, a toddler... The story also mentions your contribution in helping Ajax.org. Perhaps we can help Veronica by expressing our disappointment to Archie Comics' Feedback Page.

Aron Hsiao sent us a link to a Mining Co article on the LSA. ZDNet also has another story on the same topic. This one talksd about the division in the Linux community over the issue. Personally, I think the world has spoken and the LSA will be passed up in favor of Linux Compatibility Standards Project, and open collaberation between Red Hat and Debian. Update Michael McLagan of the LSA wrote back in to make this statement. Click on to read it.

This is fairly sizable. Michael McLagan, better known to most readers as the brave soul responsible for Linux.org has written a response to the criticism he has recieved lately about the web site. I feel Linux.org is an important resource and Michael is working hard to do a good job. I think it's important that we work together to make sure that Linux.org is all it should be. I guess the first step is to hit the link below and read what he has to say, and talk about it.