And just today I heard the future of IPTV was Videola.

This book was great when it came out. Over a year ago. Strange to get such a late review of a book. Fortunately a lot of things are still accurate, and Drupal 6 has been the main release during this entire time, but sheesh. The contributed modules have improved a lot since then.

As far as Drupal itself goes, it's great. Yesterday my boss asked me to put together a secure site where a select group of people could discuss the upcoming budget cuts. The site needed to be attractive, secure, support single signon (integrating with our existing directory), restricted to one group of users, allow optional anonymity of posters (after authentication), and allow users to subscribe to threads.

Starting from scratch, I had it all done in an hour an twenty minutes with Drupal (plus the hidden author, subscriptions, pubcookie, pubcookie site access, secure pages, and views modules).

There seems to be a great deal of frustration and outright ignorance about how Drupal works in the postings above. If you want to be able to wield a complex weapon like Drupal, try the following resources.

For examples on how to create common types of sites using popular, well-supported modules: Using Drupal, O'Reilly

If you're a designer working with Drupal and want to understand how to work with it: Front End Drupal, Prentice Hall

If you're a coder and want to know how Drupal works internally: Pro Drupal Development, Apress

If you're not a book reader but like watching videos, pretty much anything put out by Lullabot

If you're not a coder or designer but a power user who has to deal with Drupal's admittedly byzantine administrative interface: Drupal 6 Content Administration

I was very surprised to find that the unique email address that I registered with at the EFF seems to have been sold to another group.

1. Drupal's security team is very active. The vast majority of vulnerabilities are with third-party contributed modules, not with Drupal core. The idea that "security is not Drupal's strong point" is false.

2. For Drupal's upcoming release (Drupal 7) there is a heavy emphasis on testing. How heavy? You can't get a patch into Drupal 7 without also writing tests. Admittedly, you can't take such a heavy hand with requiring contributed modules to adhere to the same standard. Proper testing of contributed modules is up to that module's maintainer. A user review system like http://drupalmodules.com/ is useful in determining which modules are the best.

Security is most certainly not an afterthought for Drupal.

Up though version 6 you needed to turn on a module like Securepages module to enable SSL logins.

The upcoming Drupal 7 has SSL login support in core.

See http://crackingdrupal.com/blog/greggles/drupal-and-ssl-multiple-recipes-possible-solutions

On the contrary. Drupal was one of the big open source projects to have a dedicated security team performing code audits and going through a security release process.

Drupal automatically checks for security updates (both in the core and in contributed modules) and can notify you immediately of updates. If, you know, you think that kind of thing is important.

Most CMS's have plugins that generate the static content or serve it directly from memory. Drupal has a bunch of such modules. Boost, memcache, cacherouter, etc.

This book fills out the lineup of Drupal books rather nicely:

Building Powerful and Robust Websites With Drupal 6: good intro book for the non-programmer

Learning Drupal 6 Module Development: the basics of module development

Pro Drupal Development, 2nd ed: exhaustive documentation/reference of how Drupal works, system by system

Using Drupal: Now that you understand the above, how you put it all together

And there are some other ones for specific applications like multimedia and education.