drupal

Fingerprinting a Drupal site, what version is that site running?

Fingerprinting a version of a Drupal site
Say you want to find out if a site is using Drupal. You could dive in to the headers as was described by Lullabot some time ago and see if it is the birthday of Dries in the headers:
Sun, 19 Nov 1978 05:00:00 GMT

A much easier and more generic way is installing the "BuiltWith Technology Profiler" extension in Chrome(ium). This add-on not only finds Drupal sites, but also other CMSes like WP, Joomla and dozens of others, and it scans to see if, for example, Google Analytics code is on the page. A must-have for the curious browser. If you find a nice site, you might tag it in delicious with "yads" (yet another drupal site) and/or "drupalsite"; take a look at some of my findings at http://delicious.com/bertboerland/yads.

But what if you want to know what version a specific Drupal site is running? Well, you could look for the CHANGELOG.txt file in the root, but that file is often deleted. For good or for bad reasons. Personally I think it is good practice to give as little information as possible to the outside world, for example not echoing the version of the webserver you are running. This can be done in Apache with two lines:
ServerTokens ProductOnly
ServerSignature Off

and this was done on drupal.org as well.

There has been some debate about whether Drupal should hide its text files as well, like CHANGELOG.txt. Some other CMSes do this or use a DIE to protect them from prying eyes. In the end the consensus was that removing these text files will not make your site safer; good procedures and adequate updating of core and contributed modules will!

So fingerprinting most Drupal sites is easy: one just looks at the CHANGELOG file and knows what version the site is running. However, if you don't trust the changelog file or it has been removed, it is still rather easy to fingerprint a Drupal site.

It can for example be done in the following way:

  1. Download a couple of Drupal core files. Unzip / tar -x them.
  2. Go through all directories to see what files changed. This can be done by something like:
    diff -r -q drupal-7.7 drupal-7.8 | grep -iv info >> drupaldiffall
  3. Fingerprinting works best on JS or CSS files, so grep those from drupaldiffall and put them in drupaldiffjscss.
  4. Now find the files that have changed most often.
    cat drupaldiffjscss | grep -i "files" | cut -d " " -f 2 | cut -d "/" -f 2,3,4,5,6,7,8,9,10 | sort | uniq -c | sort | tail -10
     12 misc/autocomplete.js
     12 misc/collapse.js
     12 misc/drupal.js
     12 misc/farbtastic/farbtastic.js
     12 misc/jquery.js
     12 misc/progress.js
     12 misc/tabledrag.js
     12 misc/tableselect.js
     12 misc/textarea.js
     12 modules/color/color.js

    So out of these let's pick the color.js file, which changed 12 times. Note that with Drupal 7, CSS and JS most of the time don't change at all, whereas in the late 6 versions these files changed more and more often. Hence the tail -10 outcomes will differ based on the source Drupal cores you downloaded (and yes I suck at regular expressions).
  5. The next step is to make the color.js file uniquely identifiable in all versions. Here is where our old MD5 friend comes in handy. The syntax might be different on BSD-based systems versus GNU/Linux, but it will be something like:
    find ./ -name color.js | xargs md5 > rainbow
    And the rainbow file itself will be
    cat rainbow
    MD5 (.//drupal-5.22/modules/color/color.js) = 61098c218594ab871b48cd43459dc2ed
    MD5 (.//drupal-5.23/modules/color/color.js) = 61098c218594ab871b48cd43459dc2ed
    (etc)
  6. Now all we have to do is find the color.js file in a site we want to fingerprint and match it against this rainbow file:
    grep `curl http://drupal.org/modules/color/color.js | md5` rainbow
    MD5 (.//drupal-6.22/modules/color/color.js) = f5ea11f857385f2b62fa7bef894c0a55

    So according to this, Drupal.org is running the latest stable 6 version. Doing the same for the Belgian/Dutch site will give you less useful information:
    grep `curl http://drupal.nl/modules/color/color.js | md5` rainbow | wc -l
    7

    So all we know now (if we didn't wc the outcome) is that it is one of the latest 7 versions of Drupal 7. So you have to start digging deeper:
    more drupaldiffjscss | grep "drupal-7" | grep "Files " | cut -d " " -f 2,3,4,5,6,7,8,9,10 | sort | uniq -c
    (or visit http://drupal.nl/CHANGELOG.txt :-)
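Steps 5 and 6 as one portable script, for checking a copy of a file taken from a site you are auditing against locally unpacked core releases. This is an added example, not the author's original commands; the function names, the release list and the file contents are constructed, and the site's file is read from disk rather than fetched.

```shell
#!/bin/sh
# Added example. Release numbers and file contents below are constructed.

# Print the MD5 hex digest of a file with GNU md5sum or BSD md5.
hash_file() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d ' ' -f 1
    else
        md5 -q "$1"
    fi
}

# build_table ROOT RELPATH: emit "hash version" for every ROOT/drupal-*/RELPATH.
build_table() {
    for dir in "$1"/drupal-*; do
        [ -f "$dir/$2" ] || continue
        printf '%s %s\n' "$(hash_file "$dir/$2")" "${dir##*/drupal-}"
    done
}

# match_versions TABLE FILE: print every release whose copy hashes like FILE.
# Several releases means the file did not change between them; none means
# the file was modified locally or comes from a release not in the table.
match_versions() {
    h=$(hash_file "$2")
    awk -v h="$h" '$1 == h { printf "%s%s", sep, $2; sep = " " }' "$1"
}

# Constructed stand-in for unpacked core tarballs: 7.7 and 7.8 ship the
# same color.js, as happens with real releases where JS rarely changes.
make_sample() {
    for v in 6.21 6.22 7.7 7.8; do
        mkdir -p "$1/drupal-$v/modules/color"
        case $v in
            7.*) echo "color js, 7.x" ;;
            *)   echo "color js, $v" ;;
        esac > "$1/drupal-$v/modules/color/color.js"
    done
}

work=$(mktemp -d)
make_sample "$work"
build_table "$work" modules/color/color.js > "$work/rainbow"
echo "color js, 6.22" > "$work/site-color.js"   # copy taken from the audited site
echo "candidates: $(match_versions "$work/rainbow" "$work/site-color.js")"
rm -rf "$work"
```

An empty result is worth as much as a match: it tells you the deployed file is not a pristine core file from any release in the table.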

So why would one need this information you might ask. Since it is clear that in the wrong hands it will lead to... . Well, the bad guy knowing what version you are running. And to be honest, if the bad guy goes through so much trouble finding out what version you are running, (s)he was going to find out anyway.

But like all tools, it can be used for the Good. My employer takes over a lot of sites built by others (comes with the Drupal growing pains, the freedom of the GPL and the fact that the market is getting closer to an adolescent stage). Most of the time we have to give a rough estimate for maintaining and expanding the site, yet the prospect doesn't know what version he is running and doesn't want to ask his current supplier. By doing a quick scan of, amongst other things, what version the site is running, we know how well it was maintained and what budget would be needed to upgrade to the latest version. You might have a different use case. For the Good.

Drupal, it is all about We


"There is no I in Drupal".. Drupal is about code, license and community. Not about you or me. It is about us.

So when I^we counted the numbers of "We"-s in the comments of Drupal core with, we found 1741 results. Searching for "I" gave.. two hits.

So there you have the scientific proof; "Drupal 99% community certified .... and a bit of you and me!"

Happy b-day d dot o


Ten years ago. A decade. Ten years ago I registered drupal.org and gave the domain after a couple of days to Dries. I can still remember choosing between .com (more popular, even then) and .org and decided to register the latter. I found it a better fit for the community. If I wasn't so cheap, I would have registered both, but domain name claiming was not where it is today. In the end, everything went well and drupal.com was donated as well.

Now d dot o has a pagerank of 9, many subdomains, its own URL shortener (dgo.to), and there are thousands of domain names with Drupal in them, most not complying with the trademark policy.


Ten years ago. A decade. I think someday someone will study the history of our community in an academic way. I also think that we should document our own past; "Project Drupast, documenting the future that was". As an open source community, much of our activity has been very well preserved, in code, documentation and in posts on d.o itself. A bit of history can be found on the history page. But it doesn't do justice to our rich culture of ten years rocking the web. So take a look at a small timeline I started on tiki-toki. I know that with drupal core, cck, views, the timeline module and lots of templating, this could be done in Drupal as well and would welcome any initiative like that for "project Drupast". But until that day, I would like to gather a couple of people who would want to help me put the most important dates in this timeline. So if I know you, trust you, please contact me to get Drupast kicking like d.o does.

Ten years ago, I wrote Dries "Have fun with the new domainname". He did. We did. d.o rocks!

A young Drupal patch


During the DrupalGovDays conference I got some iron-on Druplicon patches from Roel de Meester of my employer's partner Krimson. And with my kids loving Druplicon as well and lots of Druplicon goodies in the house, Aart wanted the iron-on patches on his old trousers. In fact, there was only one knee to be patched but why stop there?

This young boy with Drupal patches got me wondering, what is the youngest and the oldest person in the Drupal community with patches to modules, maintaining a module him or herself and maybe even a core patch?

Drupal, for all ages? Sure. But the general bias is that a Drupal developer is a white male in his 30s. Not true? Let us debunk one of those and go for the youngest and oldest active person in the Drupal community. If you are under 20, post the date / link to your first patch, first module and/or first core patch, and if you are above 50, do the same in this thread.

Post your data at http://drupal.org/node/1123940 and prove that Drupal is for all ages.

DrupalGovDays, Service connect, Shadow and everything


Yesterday and today there were some 350 people visiting the DrupalGovDays. Only 5 years ago a DrupalCon in Brussels was smaller than a vertical market conference like this one for the Governmental institutions. It shows the growth of the CMS market, the maturity of OpenSource and the popularity of Drupal. So far, a great conference, not technical but great for networking, meeting old friends and finding new opportunities.

While not directly connected, one of the great opportunities for Drupal and Governments is the opendatachallenge. A competition with some prize money behind it for the best ideas, apps, visualisations and datasets for making use of open data by governments. Something like the OpenSource modules behind itdashboard.gov would be great for making easy-to-understand visualisations of open governmental data.


This is also a good moment to announce two new modules built and maintained by my employer Dutch Open Projects and contributed by the municipality of Breda:

  • Service connect: a pluggable way of using OAUTH identity service providers. Currently Facebook, Twitter and a Dutch site "Hyves" are supported, but your own plugins / code and feedback are welcome in the issue queue.
  • Shadow: if you ever build a high-volume site and have lots of slow queries caused by the complexity of views but want to keep the flexibility of views, be sure to take a look at this module. The module optimizes SQL queries or views by using index tables which (partially) shadow the original query output. It is capable of automatically rewriting SQL queries to speed them up using the shadow tables.

A big thank you to Breda for releasing this code and sharing / contributing to the Drupal community. And a very big thank you to the organisers of DrupalGovDays, Ivo Radulovski, Hanno Lans, Kristof Van Tomme, Bart Van Herreweghe, and Christine Copers, and the sponsors Chancery of the Prime Minister of Belgium and the Federal ICT of the Belgian government as well as the Drupal Association!
