Secure by Design: Ambient IoT, AI, and the Future of Trust

This episode is brought to you by Progressive Insurance. Do you ever think about switching insurance companies to see if you could save some cash? Progressive makes it easy to see if you could save when you bundle your home and auto policies. Try it at progressive.com. Progressive Casualty Insurance Company and Affiliates. Potential savings will vary, not available in all states.

We all remember the choices that shaped the course of our lives. In business, world-renowned venture capital firm Sequoia Capital calls them crucible moments. Their podcast brings you inside the pivotal decisions that define some of today's most influential companies. Hosted by Sequoia's Rulof Botha, Crucible Moments season three pulls back the curtain on the untold stories behind companies like Zipline, Palo Alto Network,

Supercell and more. Hear about the make-or-break decisions, early stumbles, and leaps of faith that turn scrappy startups into market-defining forces. Once you're caught up on season three, check out some of the episodes from seasons one and two with guests.

like Steven Shen of YouTube, Tony Shu of DoorDash, Steve Huffman of Reddit, Brian Chetsky of Airbnb, and more. Tune in to Sequoia's new season of Crucible Moments to discover how some of the most transformational companies of the modern era were built. Crucible Moments is available everywhere you get your podcasts and at Cruciblemoments.com. Go listen to Crucible Moments today.

Welcome to the Mr. Beacon Podcast. In July of last year, Google sued over 20 Chinese hackers because they had penetrated the firmware on over 10 million Google devices, ranging from smart picture frames. televisions and in-car devices, the impact of security can be fatal. Uh a flaw, uh a vulnerability can bring down companies. And so as

The people that are designing the solutions of tomorrow, the Ambia IoT solutions, we have to understand the the issue and some of the solutions. And there's no better person to get us up to speed than Steve Hanna. He is a distinguished engineer at Infineon, who are making the chips that go into many of the millions of devices out there. And as the attack vector spans from millions to billions of things.

This conversation is really relevant and timely. I hope you enjoy it as much as I do. The Mr. Beat. people in the planet by Blika. Steve Hanna, thanks so much for coming on the Mr. Beacon podcast. Talk about all things security and quantum computing and ambient IoT. It's a real pleasure having you here. Well thank you, Steve, for inviting me. I look forward to our conversation on this interesting topic.

It is interesting. I I'm you know, my uh day job is writing AI applications uh and and We got approval to put it on the app store and then I realized I really need to think about security, uh, because this is uh and This is probably horrifying for someone like you who's dedicated the prime of their life to security, that security is an afterthought. So usually is.

Yeah. What what is it that you say to people to try and get them to focus on security? Do you hit them with a stick or do you are there any carrots in your uh bag of tricks there uh at Infinion and IETF and the Ambient IoT Alliance? Well Uh there is of course the scare them technique. Talk about all the bad things that have happened when people didn't think about security and didn't build it in.

One of the things that tends to be even more effective though is compliance requirements, pointing to customers. Now government customers and increasingly business customers who require security.

if they're gonna buy a product. So you say for example, well, here's this whole government market. Wouldn't you like to have part of that? Well if you would, then you need to have proper security. Or as we see more and more nations adopting security requirements as a condition for selling your product in that nation. for example, the European Union requiring compliance with their radio equipment directive and soon with their Cyber Resilience Act. That becomes a carrot.

Like, wouldn't you like to be able to sell in the European Union, in the UK, in Singapore? Well sure you would. Well if you want to do that.

then you have to comply with their requirements for cybersecurity. Very good. Well I I am very motivated to pay attention to your what you say over the over the next few minutes because of uh Because I I have thought about all the horrible things that could go wrong, uh all the bad actors. uh and also, you know, the reputational risk and and just the kind of the ethical issues of of spilling people's most personal private information into the hands of

some pretty horrible people, which unfortunately there are enough of them given how big the internet is. What is it? Let's I I want to cover two main topics with you. And one is ambient IoT and and w what is it about ambient IoT that people need to think about specifically with regard to security? And, you know, generally our audience are entrepreneurs or architects who are thinking about building solutions to capitalize on this incredible opportunity of connecting the digital and the physical.

So uh I I wanna arm them with what they should be thinking about, what are the risks what are the defensive techniques that they can use, some of the challenges uh some of the solution options. And and you spoke on all of those subjects at Embedded World as as part of the Ambia IoT alliance. Um presentation slight

there uh a few weeks ago and I think you're going to be speaking again. In fact we're both speaking again in um in uh in Germany in Nuremberg at the main uh embedded uh world. So let's give people a preview of that. Can you just set the the the the scene a little bit on some of these uh topics and and talk about the risks that relate to ambient IoT? Yeah, absolutely. So whenever we're thinking about security, we think in terms of risk.

What could go wrong? And of course it depends on the exact context of your application. But if we think, for example, about a sample application like pharmaceutical distribution. The great thing about END and IoT is that we can track medications throughout the supply chain. And we can have confidence that these are actually what they claim to be, that they're not counterfeits.

and that they've been kept in the case of uh medications that need to be kept in a certain temperature range in that range throughout and perhaps that they haven't been tampered with along the way. So these are wonderful capabilities that can be enabled by ambient IoT. But then we have to ask ourselves, what could go wrong. What is the risk here if, for example, somebody is able to clone one of these ambient IoT tags or devices?

then they would be able to introduce a bunch of counterfeits or clones into the supply chain that would be indistinguishable from a valid medication. What, on the other hand, might happen if they could cleanse a product which had gone out of the temperature range? Perhaps by tampering with it or other techniques. If they could do that. Then somebody could buy a bunch of pharmaceuticals that did go out of temperate range at a very low cost, cleanse them.

through a cyber attack and then reintroduce them into the uh supply chain as uh legitimate and undamaged products, you could result in injury to consumers. in both of those cases where a particular product has counterfeits introduced which are able to pass as authentic or Products which have been damaged by being out of temp range or tampered with. if those are able to be introduced, there could be injury to consumers as they as they partake of those medications. So those are some of the

bad things that could happen, the risks that could be encountered, and then we have to think about how to defend against them. So this is a great example because it kind of brings up some of the uh the carrots and the stick. It's it's kind of like the Ambia IoT, suddenly we get new levels of traceability, which in the case of medication

can be a wonderful thing because uh counterfeit medication can be deadly and it's kinda evil really. And so and there is a need because it does happen and there's some horror stories about people taking medicine that doesn't do what it should do. And then, you know, we're selling this solution to help mitigate that. But if it's not secure, then our whole value proposition collapses and potentially the company collapses with it.

You talked about cleansing drugs. Cleansing sounds like a good thing, but I take it from what you were saying that it's it's not in this context. Right. If the product has been outside of the approved temperature range, for example, a COVID vaccine, one of those early mRNA vaccines that needs to be maintained at a very cold temperature, if it leaves that range And then is brought back into that range, the product in question is no longer valid and shouldn't be administered.

Right something that can be monitored and managed with ambient IoT. But if you can take that product and perhaps wipe its memory as to the fact that it has been outside of the temperature range, then you could uh you could reintroduce it into the supply chain even though it would be ineffective.

And and so what is different about ambient IoT as opposed to any other kind of IoT uh or or even just mainstream internet security that that makes it different? Well, These sorts of attacks are the sorts of things which are mounted against regular IoT, but uh with ambient IoT we face two challenges. One, a cost challenge. Some of the techniques that we would typically use in securing IoT cost a little bit. Perhaps there's a uh anti counterfeiting chip that's included. Mm-hmm. Well, that might be

only a few tens of cents, but it still might be too much for an ambient IoT tag. Another challenge that we face is power. And of course, as you know, ambient IoT often harvests power from uh the surroundings, whether through vibration or temperature change or radio wave. To perform cryptography requires some power and if the budget, both the financial budget and the power budget, are quite limited, one must be willing to spend a little.

financially and in terms of power to get that greater security. Now the good news is that A lot of effort has gone into creating low power solutions and low cost solutions. We can see that, for example, in credit cards, these contactless cards. That can be tapped. Well there's no battery in there and yet they're performing cryptographic operations. And of course they're low cost in some cases. They're given away free, not the credit card, but other things like a transit card.

So they're clearly very low cost. And yet they include anti counterfeiting and anti tampering technology. So the challenge is there, but it's not an insurmountable challenge. It's just a question of putting one's mind to it and using the technologies available. Yeah, it's getting getting it right, sort of the three bears, you know, not too hot, not too cold, just right, i is important because, you know, we could uh on one hand

Who's going to argue against security? I think the only reason I would argue against it is i if it completely undermines the premise of the technology. So if you have a a tag that costs

less than five cents and then you add, you know, some requirements that require a secure enclave and you know l you know, rapid interchange of information. Suddenly your five cent chip becomes a dollar and that basically means you can no longer track the thing and the whole point of trying to connect everything to everything goes out the window. But the flip side is you can't just say, well, let's not worry about security because then bad things will really happen.

Let's just round out the what bad things can happen c part of the conversation and and uh go from pharmacy, which, you know, I think we all want drugs that are safe, so we can relate to that. But what about sort of more Consumer use cases, uh what what's what's what do we have to worry about there? Well there are two things that we'd worry about there with AMB and IoT security. One is theft.

a particular high value asset, a pharmaceutical is one example, but it could be, say, a fine bottle of wine, is being tracked with ambient IoT. If that's something that a A thief can detect just driving down your street or through some other remote mechanism, they can say, aha, this is a house that's worth robbing, because I can see that there are a hundred of those nice bottles of wine in there.

And so we have to be concerned to make sure that only that uh these high value assets can only be detected and tracked by authorized users. It's a concern in the supply chain as well. if you have a a train with many containers and if the thief can just hold up a scanner and figure out, oh, that's the container, the shipping container that has

twenty thousand iPhones in it or uh some other high value asset, then the same thing applies there. They're gonna be like, Oh, that's the one I'm gonna break into. Yeah. So that's one concern that we have there is security. And then uh just uh tracking things is is not always an unmitigated good. The other concern would be privacy. For example, I might not want everybody to know everything that I have in my house. Perhaps I have some uh

Some items that I'm a little more embarrassed about. Perhaps I have a disease that I don't want everybody to know that I have. Perhaps I have. You know, you can imagine all sorts of things uh that you might have in your house that you wouldn't you wouldn't want everyone to know about. Or you might even have them on your person as you're walking around. We're all entitled to our privacy. We're all ini entitled to having certain secrets.

And so we have to be careful to make sure that that information is only accessible to the proper folks and not to anyone who might be stalking you. Um or otherwise invading your primacy. Yeah. And and here you've kind of getting me into a very passionate evangelical mode because I totally agree. If we're You know, Ambia IoT to me is suddenly we're connecting the things that are inside people's medicine cabinet, inside their pantry, inside their underwear drawer. Sounds a little unsavoury.

You know, all of these things and I see huge benefits, uh massive opportunities to reduce the cost of goods, uh massive opportunities to reduce theft, incredible opportunities to combat the environmental crisis that we we deal with. So, you know, life can be so much better, but it's not gonna happen if we don't have good answers to privacy and security. And if we just try and avoid the conversation.

uh I I think uh our our business will not take off and and I really want to see it take off and so uh what you're doing is very uh important I think in giving a making people feel that actually there's more advantages than disadvantages to putting everything online and that their life will be better. But unless we get ahead of this, then uh basically uh our marketing will be killed and our consumer demand will be killed. And so we have to take this seriously.

Yes, it's an existential risk actually for every company. And more and more uh corporate boards are realizing that. and saying, Oh, wait a second here. We've seen what happened to our competitors who didn't properly consider cybersecurity as a risk. They didn't come up with backup plans. They didn't designing in good security from the start. And then something happens and what do you know, they have to recall or replace all their products.

or they have to pay out some large settlement and there can be reputational damage as well. So I think the wise entrepreneur recognizes that You have a great idea. But you won't be able to really realize that idea unless you make sure that your bases are covered, so to speak, in a way which is cost effective and practical. It has to be that as well.

Yeah, I mean the way I look at it is this can actually be a competitive advantage if you do a good job, then people will like and I think Apple uh of of of are a great case study and they they take privacy seriously and people just feel

better about having their products there for all sorts of reasons, but I would argue that is one of them. And you know, AI's flavor of the decade, the millennium, uh the future. And I would argue that as we get more things online, as there's more security and privacy decisions, actually AI will be a huge asset for uh for helping you know normal people who don't want to get into the details who to just say look

You know, this is what's important to me, take care of it, and then the AI will hopefully help us manage what would otherwise be just a huge dashboard of knobs, dials and switches which would overwhelm normal people. Absolutely. So one of the standards groups that I work in is the Matter Working Group, and this is for smart home standards. So in the in the Connectivity Standards Alliance.

when we were creating the matter standard for smart home, we realized that most consumers, they want security, but they don't want to have to worry about it. They just want it to work. And they trust the product makers to do it and do it right. So we designed into it secure by default and secure by design.

the protocols are always secure. And actually we were able to make it easier Because we did that, instead of every little device having its own password or, you know, little code that has to be entered in, something like that, you know, hexadecimal. Um it's very easy. It's all cryptographic, it's all built in from the start, and the consumer just, you know, plugs it in and scans a QR code and the next thing they know it's up and running and it

uh has that security built in. That's what we need to do. And what we can do when we design in security from the start. Yeah. And I think this is why organizations like the ambient IoT Alliance, where you have users and different vendors coming together and they have a sort of building blocks work which are the existing standards, but we need uh groups that are are thinking holistically and I I hope that uh Ambient IoT Alliance can help with this.

This episode is brought to you by Progressive Insurance. Fiscally responsible, financial geniuses, monetary magicians. These are things people say about drivers who switch their car insurance to progressive and save hundreds. Visit progressive.com to see if you could save. Progressive Casualty Insurance Company and Affiliates. Potential savings will vary, not available in all states or situations. We all remember the choices that shaped the course of our lives.

In business, world-renowned venture capital firm Sequoia Capital calls them crucible moments. Their podcast brings you inside the pivotal decisions that define some of today's most influential companies. Hosted by Sequoia's Rulof Botha, Crucible Moments season three pulls back the curtain on the untold stories behind companies like Zipline, Palo Alto Network,

Supercell and more. Hear about the make-or-break decisions, early stumbles, and leaps of faith that turn scrappy startups into market-defining forces. Once you're caught up on season three, check out some of the episodes from seasons one and two with guests.

like Steven Shen of YouTube, Tony Shu of DoorDash, Steve Huffman of Reddit, Brian Chetsky of Airbnb, and more. Tune in to Sequoia's new season of Crucible Moments to discover how some of the most transformational companies of the modern era were built. Crucible Moments is available everywhere you get your podcasts and at Cruciblemoments.com. Go listen to Crucible Moments today.

So okay, we wanna do it. We're all convinced that it's important and it's actually an opportunity to make money as well as avoid losing it. What what are the approaches we can take uh to solving and addressing the the some of the risks that you outlined. Well, we can take lessons from some of these existing products like the credit card that I described or existing IoT products like uh matter as I described.

One of those is, first of all, that you need to have unique identity. You need to have cryptographic identity. one of these ambient IoT devices needs to be uniquely identifiable so that if somebody does create clones, You know, a thousand clones of one of these devices. then you can detect that and say, wait a second. Now there isn't only one of this this con particular individual cryptographic key. It's everywhere. So I can tell it must have been cloned.

That comes from having a unique identity in each device. If all the devices look identical, you can't tell which are the clones and which aren't the clones. if you see what I'm saying. Yeah, absolutely. No, I'm I I'm thinking about this. now, you know, deploying Bluetooth beacons around to help people navigate and uh

You know, that can be used for all sorts of things. Yeah, fun stuff like audio guides with an AI talking to you in very personal terms to explain an exhibit or uh uh walk you around a a garden. Uh but it can also be used to prove that someone was somewhere and you know, if you can uh clone this and uh you know, they're basically never left their living room and let their and yet they're claiming that they went to these places.

uh they may be getting paid uh because of that, then that can be uh that can be bad. Yes, exactly. And then in the protocols which we're developing, we have to make sure that we take advantage of, that we leverage that unique identity.

that we require the devices to authenticate themselves in some fashion so that we know that it device is actually what it claims to be. There's some proof of that. And this can even enable confidential communications so that as I described a risk where an attacker could track and find if you have a lot of high value assets in your home or in a shipping container, that depends on being able to see the identity and the device type of those

particular asset. So if there's confidentiality protection built in, like we have with encryption, then the attacker won't know whether, hey, is that iPhones or is that, you know, bowling balls or, you know, strawberries or whatever else might be tracked. So we need to have that confidentiality protection as well.

Yeah, and I think if we there are simple things that we can do to make sure that people can't even well, A, they won't know i is that tag on a a a bottle of medicine, or is it on uh a hammer, or is it on uh some very low cost thing? But we can also do things so that they can't even count how many things there are and uh it's just sort of noise as far as they're concerned.

So let's get back to kind of the end user and h how does uh consent fit into all of this? Well, when we're thinking about privacy, the user has to give consent. to having their personal data used. And it seems to me that in cases where, for example, we're tracking someone's use of a particular product, that that consent might be something that needs to apply, especially in a healthcare scenario.

if we're tracking which uh pharmaceuticals somebody is using or whether they're using them in accordance with the manufacturer directions. I would presume that privacy regulations like HIPAA and GDPR would apply there as well and consumer consent is gonna be an important part of that. you have to let them know that their consumption is going to be tracked or how it might be tracked and to whom that information might be sent. And then they have to provide consent. Yeah. Informed consent.

Uh well and I remember thinking about this, you know, back in the old days when when I had my Chief Marketing Officer hat on. I I was like, Oh my goodness, we need to ha come up with some some some kind of structure that can help deal with this consent issue. And I'm like, ugh. And then I realized, well, actually we have GDPR. I mean, when's the last time someone said, oh good, GDPR? But that was me. I was like, There a lot of these principles apply just the same way.

And uh, you know, don't assume you can't assume that someone's opted in. You have to get them to opt in. That's the same whether it's a website or whether it is having identity in their um uh shirt or a pair of trousers or or something that is ambient.

Let's just go. Go back now to some of the challenges that are really specific to ambient IoT. We t we talked a little bit about it, but let's just nail the the, you know, the couple of the key things from your perspective that we need to think about in terms of th those uh ambient IoT specific Sure. So if we talk about cost.

What we have to think about, and we always try to do this in security, is how to make the cost asymmetric. We want the bad guys to have to spend millions in order to break these or at least And we want the defenders, the good guys, to be able to build the security in for a tiny cost. So we want to have A huge multiple between what it costs the defender to defend and what it costs the attacker to attack.

So it becomes prohibitively expensive for the attacker while remaining affordable for the defender. That's always our always our goal. So it'll be a matter of building the security into the single chip solution. for ambient IoT. And then when we talk about power, Specifically, what we need to think about is how can we perform this these security operations in a very power efficient manner.

And the way that we do that technically is that we use symmetric cryptography. Symmetric cryptography is very power efficient and low cost, and yet it can be equally effective as asymmetric. And uh so that's what we see, for example, in those credit card chips. Those are based on asymmetric crypto on symmetric cryptography because it's so inexpensive. It has its own challenges, but it it has that benefit.

And uh we can even put in a few tweaks into the hardware to accelerate the cryptographic algorithms. Just a few transistors here and there could really provide a big performance boost. for and reduce the power required uh substantially over a a generic processor without any cryptographic algorithmic acceleration. So those are the sorts of things.

That makes total sense. There's uh you know uh it's it's incredible what can be done with incr very low cost chips now uh and and so we should use that rather than just throwing up our hands and say, Oh, we're just gonna have all the data in the clear because if we do that uh i it's gonna um kill this uh uh amazing goose that I think is gonna be laying some wonderful eggs very soon.

So Steve, you have been a distinguished engineer for the best part of two decades. So you've kind of reached the pinnacle of where a lot of engineers want to get to some time ago. How did you get there? You you started off doing computer science at Harvard, is that right? That's right. I'm a software engineer by training, and about thirty years ago I got interested in security, cyber security and specifically the security of the internet of things.

And uh well, it was an opportune time for that. I guess I have an ability to, as we've seen in the show, explain complicated topics in a simple way. And uh that's really valuable. Yeah. So that's kind of career advice is get good at explaining really complicated things to business people in simple terms. Yes.

I think um we had dinner months and months ago and I may have mentioned this at the time, but I I I really enjoy Talking to very smart uh engineers and well the thing I have noticed is that the smartest of them are actually able to talk in incredibly simple terms about complex things because their quantum brain has kind of crunched things and can uh

can can actually synthesize and then regurgitate. Whereas those of us who are kind of grappling with the technology with a few less MIPS uh tend to kind of go through things in, yeah, this is how I understood it rather than this is how you should understand it. So it's interesting that you cite that as being one of the secrets to getting to where you have got to

I noticed that you've contributed to IETF uh on a number of occasions. W what is that organization? It's the Internet Engineering Task Force. It's a group that's been around for more than 40 years and At IETF we create the standards for the internet. So things like IP the Internet Protocol.

and TCP and TLS, the secure communications protocol that's used for web browsing and so many other things. Those are created at the IETF. It's a great place because it brings together people from industry, academia, a lot of different backgrounds, all working towards common goals. create interoperable protocols that are reliable and secure. I mean the internet's been around for a few decades now, isn't it? Done? Uh what's left?

Well the great thing about the internet is that it's a platform upon which so many things can be built. And when the internet was invented, you know, in the eighties, arguably back in the sixties, the origins, early days of packet switch networks There was no concept that well that we would have a computer so powerful in the hand in our palm of our hands or perhaps on our wrist.

the concepts like Uber and Lyft and Zoom and all of these technologies were almost incomprehensible at the time. And so it has become a platform for innovation. That continues to this day. The power of the internet continues to enable new innovations. Yeah, and I I that's quite profound observation, I think. And I you know, we see the growth of open AI, chat GPT. As opposed to

e-commerce, which had a very slow bumpy ride. But AI has just exploded because it's now the the internet is mature now, isn't it? It's able to do its thing and suddenly everyone can download the client.

chat GPT client and and and start using it almost immediately. I is AI presenting Yeah. So that's an example of the internet. already well worn and tried and tested, supporting a completely new application almost overnight. uh growing to vast scale. Um is AI presenting, you know, new challenges for the IETF? I know you don't You're not here to represent them, but yeah, it's I haven't spoken to people from IETF very often, so it's uh I'm gonna take my chance.

Sure, I'm happy to do so. Well, I would say certainly AI presents new challenges to IETF. IETF has people with different types of expertise, and my expertise is in the realm of security. So what I would say is as a security expert, we face new challenges for a couple in a couple of ways. First, AI is being used by the attacker. in were to attack systems. Uh you have intelligent bots and malware that's crawling through the network and finding its way into devices.

figuring out how to attack those devices, all sorts of very sophisticated AI-driven attacks. At the same time. AI is great for the defenders because it allows us to have our own defenses. You know, these uh defensive bots that are out there trying to block and battle the attackers to recognize the difference between legitimate traffic and uh malicious traffic or at least suspicious traffic. And finally, the way that AI is affecting the internet is that

AI and AI driven capabilities are clients of the Internet. They need to be able to run over the Internet and they have sometimes different characteristics. both from a security perspective and from a performance perspective, than what came before. So they may, for example, need to operate in real time. That is, they may need to have confidence that a particular message is going to get from one place to another in a no more than a limited period of time, a few milliseconds.

And so that's something that has not been such an issue in the past and is becoming more so as we have Well safety critical, AI driven uh system.

Amazing. Well, it's that time in the show to get personal and uh uh it doesn't need to be too personal, but uh the the the your music choices, three uh music choices that have meaning for you. Uh what what did you come up with? Uh it was a lot of fun. So Here are the three. The first is a song that I learned a few years ago called Every Day is a Day of Thanksgiving. Every day is a day of thanksgiving. Now, here's why this is meaningful to me. in life and especially in the realm of security

Things often are out of our control. Things happen and what you can control is how you respond to those things and how you prepare for them. So I try to focus on the positive. What can I give thanks for in my life and in the world? And that helps to make me more resilient. Bouncing back when bad things happen. Plus, it's just a great song. You should definitely Google it.

Yeah, I will. Um and and who w where does it come from? Do you know It's a gospel song. It comes from a composer uh from a church in Chicago. Uh excellent. Well, wonderful number one. Uh what about number two? Uh number two, and I'm not going to venture to sing this one, is This Is My Song. So it's a song that's about ninety years old from what I can tell. And It starts out like a patriotic anthem, you know, the beauty of my land, of my dreams and my hopes.

But then it sort of shifts from And it points out that other people in other lands have their own hopes and dreams and beauty that are just as noble as my own. So to me this has meaning because in my work, especially in standards work, I've found that Every person in the standards group is actually bringing one piece of the puzzle. Nobody has all of the pieces needed to make that standard work.

And in fact, the standard isn't gonna succeed unless we can get everybody on board. So that doesn't mean that we need to take all of those ideas and put them all into the standard, but we need to consider Each person's perspective. before we find something that we can all agree upon. Yeah. I mean I think like any creative venture

Where you leave the space in between the lines for other people to fill in is as much as is it as important as the lines that you actually draw, isn't it? And uh you can think, well, I need to specify everything, maybe the realistic. So there's a lot to be said for that. But then you you know, impressionism and all that sort of thing is pretty uh interesting application of art that segues into technology technological themes. That was wonderful too. I I can't wait to hear number three.

Well, for number three, I'm gonna take a bit of a cheat and I'm just gonna say anything by earth, wind, and fire, because sometimes you just need to feel that joy and party. Oh yeah. That's uh a fantastic choice as well. Well, very thoughtful, very fun, very inspiring. Thank you, Steve. for everything you've been sharing with us. Uh in particular your last uh three song choices. That was great. Yeah, happy that you invited me on the podcast. It's been a lot of fun.

Well there's tons of other things I wanted to talk to you about, but we ran out of time. But this was great, Steve. I really appreciate your spending time uh with me and I'm looking forward to our session over in uh in Germany and and uh hopefully continuing the conversation there. Likewise. So that was Steve Hanna. What an amazing career spanning Macintosh to the very late technology that uh is changing our lives. Great guy, he and I Uh Germany in a few weeks time.

So really looking forward to seeing it. is kind of important to me hopefully. wave a album cover. C D box, but Radiohead are synonymous with the digital format. Yes, they started off in the era of But if you remember back to the first time. two thousand seven rainbows amazing. They actually let you down. Free and then pay. Yeah. and wonderful. So that's my recommendation for the week. Thank you so much for listening. Thank you so much uh for Aaron Hammond Yeah, Aaron does Enjoy yourselves.

Pretty horrible things going on in the world. ever present uh so there's still a lot of joy to be had a lot of happiness focused I say that to myself. So be safe and I'll see you next time. This episode is brought to you by Progressive Insurance. Do you ever think about switching insurance companies to see if you could save some cash? Progressive makes it easy to see if you could save when you bundle your home and auto policies.

Try it at progressive.com. Progressive Casualty Insurance Company and Affiliates. Potential savings will vary, not available in all states.