Greg Leib on Software

As a new technology executive, my biggest worry is whether I am focusing on the right issues. My prior roles primarily required technical work, but they mostly involved small problems and small teams. For my first executive position, I expected to focus on organizational issues more than technical ones. Two months in, I think my expectations and role reset strategy were about right. Here are some of the challenges I've been working on so far: Hiring. I'm shifting the organization from being mostly outsourced offshore to a more even onshore/offshore model. Sourcing and assessing engineers for senior roles has been challenging. I'm committed to building a great team. This is my top priority, and so far we've filled two of the four most senior roles. Our offshore people are solid, and I'm really excited about the new people we're hiring. Process.  We need a simple and unambiguous approach for software development. I've been pushing the team to use Jira a

There's been some buzz recently about Hillary Clinton using a personal email server for official state business. The Wired piece is an interesting read: http://www.wired.com/2015/03/clintons-email-server-vulnerable/ Probably the most surprising thing in the article for me is not about Hillary's email server at all. In discussing Hillary's invalid SSL certificate, the article casually mentions that the State Department uses a self-signed certificate, implying that their email could be compromised by a man-in-the-middle attack similar to what could target Hillary's email server. Here's a link that illustrates the invalid certificate: https://www.state.gov/ At time of writing, the certificate belongs to Akamei, and not not to the State Department. The certificate was issued by Cybertrust and will expire in June 2015. Does this imply that the State Department's email could be compromised? Probably not. It's unlikely they are using this certificate for