jcm5674
Posts: 1
Joined: Fri Sep 06, 2013 10:56 pm

NSA spying and Raspberry Pi

Fri Sep 06, 2013 11:01 pm

Hello all,

As I am sure that many of you have read, there were new revelations yesterday about the extent of NSA Internet espionage, including the breaking of common encryption standards and the bribery/intimidation of private industry to build "backdoors" into consumer products. What I am concerned about is whether the Broadcom chip used in the RbPi may have such a vulnerability. Does anybody know?

Thanks.

-Joel

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 6058
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 5:01 am

The broadcom employees that worked on the chip know, but would you believe them if they said no? Feel free to reverse engineer the firmware and find out https://github.com/hermanhermitage/videocoreiv .

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 12:40 pm

Never mind the firmware. They have enough transistors in the Raspi Soc to put a backdoor in the hardware.
Then again the same is true of SD cards, USB hardware, network hardware, disk controllers etc etc.

If you want to be really sure you are going to have to build everything yourself from the ground up.

Hence the push now a days for open source software and open hardware designs. See opencores.org to see how you can build your own back door free computer from VHDL/Verilog source code. That is, of course, if you trust your FPGA or custom silicon vendor not to put back doors in the the thing.

Just fueling the paranoia here.
Memory in C++ is a leaky abstraction .

User avatar
cyrano
Posts: 714
Joined: Wed Dec 05, 2012 11:48 pm
Location: Belgium

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 12:56 pm

Heater wrote:Then again the same is true of SD cards, USB hardware, network hardware, disk controllers etc etc.

If you want to be really sure you are going to have to build everything yourself from the ground up.
Still useless as they have control over the big irons on the net and the cooperation of SSL certificate authorities. Specialized MITM routers are available:

http://www.wired.com/threatlevel/2010/0 ... forensics/

This is a small, old one. One we know off.

There's nothing wrong with TLS/SSL an sich, tho. Or the RPi, for that matter.

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 1:24 pm

cyrano,
There's nothing wrong with TLS/SSL
As I just said on another thread here, we have to assume that all the certificate authorities are compromised by the NSA at this time. We cannot trust them.
Memory in C++ is a leaky abstraction .

User avatar
MrBunsy
Posts: 185
Joined: Mon Feb 20, 2012 1:48 pm
Location: Southampton, UK
Contact: Website

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 1:32 pm

Heater wrote:cyrano,
There's nothing wrong with TLS/SSL
As I just said on another thread here, we have to assume that all the certificate authorities are compromised by the NSA at this time. We cannot trust them.
But RSA in and of itself still looks to be secure, so long as your keys are big enough.

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 3:54 pm

There is of course a lot of technicalities of TLS that I don't understand but the general idea seems to be:

1) Before I offer my password, or any other "secret" info to the forum I would really like to know that I am actually talking to the forum. Not some other evil entity who is just pretending to be the forum.

2) To do that the forum offers a public key which is signed by some trusted third party. I can use certs that I have from said trusted authority to verify the public key is what it says it is and comes from who it says it does.

3) It's a bit like receiving a hand written letter and asking a hand writing expert who knows the sender to verify that it really was written by who it says it was. That it is not a forgery.

4) Clearly if the certificate authority. (The hand writing expert in my example) is compromised he can tell me anything he likes for whatever purpose.

5) I have a strong suspicion that those third parties who offer certificates, the certificate authorities, are compromised by the the NSA.

6) Ergo, the whole TLS system is vulnerable and broken.

TLS has no benefit for users of the forum. It makes no difference how long your keys are.
Memory in C++ is a leaky abstraction .

User avatar
Speedwell68
Posts: 178
Joined: Sun May 12, 2013 5:21 am
Location: Cornwall, UK

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 4:20 pm

IMHO all of this business about the NSA and GCHQ needs to be taken with a pinch of salt. The media seem to be blowing out of proportion with the basic sensationalist reporting style they seem to use these days. Also, what have you got to hide? Why would they be looking at private law abiding individuals. Does anyone really believe they are reading everything we do online?

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 6058
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 4:51 pm

Speedwell68 wrote:IMHO all of this business about the NSA and GCHQ needs to be taken with a pinch of salt. The media seem to be blowing out of proportion with the basic sensationalist reporting style they seem to use these days. Also, what have you got to hide? Why would they be looking at private law abiding individuals. Does anyone really believe they are reading everything we do online?
While I don't like the "what have you got to hide?" argument, I do agree with the rest of it. It's enough to say what could potentially, theoretically happen, throw in 'NSA' and people get all up in arms. It's like people are discovering for the first time that there whatever you do online doesn't stay on their computer.

However, I am glad people are up in arms about it and I am glad we have whistle-blowers. Between having random governments collect my data and not... I'd rather not. I know nothing bad is going to happen if they do, but I don't like the principle of it. If they were transparent about what data is collected and how it's used, I wouldn't have any problem at all with it, but that's not the case.

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 4:55 pm

speedwell68,
Also, what have you got to hide? Why would they be looking at private law abiding individuals.
Are you sure you know who "they" is? The info is in the hands of guys in government positions with friends in business. Info goes around. Corruption can always make use of it. There has already been stories out about guys using this info to snoop on their ex-wifes/girlfriends. Someone wants to find out what you are up to with your latest business plan? Perhaps they can find out with a little help from their friends. And so on.

You are assuming that your government is always harmless for "law abiding" citizens. The American communist witch hunts, the persecution of Jews in Germany, the hounding of gays in England (See Alan Turing) and a thousand other examples from history will tell you not to trust your government to not turn on you.

Is this paranoia? Perhaps. Is it extrapolating from history? Quite likely.
Memory in C++ is a leaky abstraction .

User avatar
excollier
Posts: 194
Joined: Wed Sep 12, 2012 8:17 am

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 6:01 pm

I would say accept that security agencies, will always snoop on anything they can and with that in mind, carry on doing what you always did, maybe giving them the digital two fingers occasionally......who is that knocking at the door? ;)

User avatar
MrBunsy
Posts: 185
Joined: Mon Feb 20, 2012 1:48 pm
Location: Southampton, UK
Contact: Website

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 6:10 pm

Heater wrote:There is of course a lot of technicalities of TLS that I don't understand but the general idea seems to be:

1) Before I offer my password, or any other "secret" info to the forum I would really like to know that I am actually talking to the forum. Not some other evil entity who is just pretending to be the forum.

2) To do that the forum offers a public key which is signed by some trusted third party. I can use certs that I have from said trusted authority to verify the public key is what it says it is and comes from who it says it does.

3) It's a bit like receiving a hand written letter and asking a hand writing expert who knows the sender to verify that it really was written by who it says it was. That it is not a forgery.

4) Clearly if the certificate authority. (The hand writing expert in my example) is compromised he can tell me anything he likes for whatever purpose.

5) I have a strong suspicion that those third parties who offer certificates, the certificate authorities, are compromised by the the NSA.

6) Ergo, the whole TLS system is vulnerable and broken.

TLS has no benefit for users of the forum. It makes no difference how long your keys are.
I wouldn't say no benefit. The certificate system is no more broken than it ever was: it's only as strong as the certificate authority, and they're not exactly fool proof. If this forum had it's own self-signed certificate, communication between you and it would be secure, it's just tricky to completely confirm it's the forum you're talking to. But with the US government always having been able to have a hand (this is my speculation) in the DNS and CA system, nothing's changed.

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23981
Joined: Sat Jul 30, 2011 7:41 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 6:44 pm

From a Broadcom employee POV, as far as I know, there are no security back doors in the Brcm2835, either in silicon or software. The chip was mostly designed in the UK, but that's no guarantee. It also use IP from various other sources (the USB controller, the ARM etc) and as far as I know we do not check that for security holes, just that it works.
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
“I think it’s wrong that only one company makes the game Monopoly.” – Steven Wright

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sat Sep 07, 2013 9:14 pm

Whilst we are here discussing the possibilities of the NSA having their ears everywhere. Many like like to read the following article ans subsequent thread on the NSA's involvement in the IPSEC IETF standards committee. This is starting to sound like stuff to be concerned about.
Nothing Pi specific here of course. It's far more pervasive than that.
Memory in C++ is a leaky abstraction .

User avatar
Jim Manley
Posts: 1600
Joined: Thu Feb 23, 2012 8:41 pm
Location: SillyCon Valley, California, and Powell, Wyoming, USA, plus The Universe
Contact: Website

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 9:15 am

I worked in the Intel Community (IC) and while there are a few bad bananas of the Snowden type, as well as those who abuse their position of trust to monitor exes, etc., by and large the agencies are full of law-abiding, hard-working stiffs who use the "would I want this done to me?" test every day. There are hordes of lawyers looking for illegal activities and they find and have them dealt with the way most of us would want.

The problem with massive conspiracies is that they have to be kept absolutely secret by everyone involved and that's just against human nature. People screw up the most mundane things all of the time, and yet they're supposed to be able to somehow turn off the mistake/bravado/arrogance/lie/etc., facets of their personalities from 9 to 5 every day of every week, month in and month out, year after year, blah, blah, blah. Who are these superhumans and how do we make more of them who can be flawless in their every move and action?

WikiLeaks was supposed to reveal to the world that governments, especially the supposedly all-powerful U.S. Government, were massively evil and out to control every aspect of our lives. Instead, it just put a lot of confidential informants at risk of death and much worse, while showing that the known $#!t birds (KSBs in the professional IC parlance) were at least as bad as expected and occasionally worse. It also demonstrated that our officials basically got things right and tried to do their jobs properly, with some occasional doozies of screwups. It was the Saudis who wanted us to take out Iran, other countries' ambassadors who bad-mouthed Sarcozy and Berlusconi, etc.

Spying on other countries is what intelligence agencies do, both ours and theirs. There are over 50 stars on the wall in the public entrance to the CIA, and most have no names or stories associated with them there, but they do inside the secure areas. They're a constant reminder that there really have been Napoleons, Hitlers, Stalins, Kim Il Sungs, Mao Zedongs, Pol Pots, Idi Amins, Milosevics, and legions of others too numerous to count.

If you want to take on a conspiracy, I would focus on the unelected business people who run the credit rating agencies, investment rating agencies, banks, retailers, advertisers, lawyers, and hundreds of thousands of others who do real and permanent damage to millions of peoples' lives every day through mistakes, incompetence, maneuvers, manipulations, and lies that are nearly impossible to fight successfully. Where are the perps who nearly destroyed the financial systems through their arrogance and betrayal, for which the five year statute of limitations is about to expire?

Where is the outrage over the obscene amounts of money that are spent on political media campaigns that are essentially just garbage pits full of refuse? Those are our public airwaves, not theirs, and they have no more right to claim freedom to do what they please with them than any of us do. U.S. Senators are virtually all millionaires, the few who aren't are well on their way, and the usual path to Senator is through the House of Representatives. Representatives of whom, you may ask? Certainly not me or anyone I know, that's for certain, but I hang out with a fairly well-informed crowd, especially those who gather around the warm glow of the screen here and similar forums.

Anyway, it just frosts me when every honest person in the vast majority is painted with the same broad brush laden with muck who don't deserve to be treated that way in any way, shape, or form. No one sees their hard work and endless hours and I just wanted to assure everyone that they really are there fighting the good fight and trying to keep the barbarians at the gates. Thank you for your kind attention and we now return you to your life, already in progress.
The best things in life aren't things ... but, a Pi comes pretty darned close! :D
"Education is not the filling of a pail, but the lighting of a fire." -- W.B. Yeats
In theory, theory & practice are the same - in practice, they aren't!!!

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 10:46 am

Jim,

I wholeheartedly agree with almost everything you said above. Especially when it come to all the unaccountable businesses making use of God know what info they have scrapped up from everywhere.

Snowden though as far as I can tell put his life on the line by standing up and pointing out illegal activities going on in government institutions. As such he is on the side of the citizens and should be regarded as a national hero rather than some evil spy.

If you want to know who those super humans are who can end up doing evil from 9 to 5 and in their spare time as well you need only look at normal people all around you. You only need to look at the history of Germany or Russia to see how this can happen. I see no reason to believe any country is immune to this happening. For this reason we should be eternally vigilant in keeping an eye on these secretive organizations. Snowden was part of that Vigilance.
Last edited by Heater on Sun Sep 08, 2013 1:16 pm, edited 1 time in total.
Memory in C++ is a leaky abstraction .

User avatar
redhawk
Posts: 3465
Joined: Sun Mar 04, 2012 2:13 pm
Location: ::1

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 11:11 am

Putting backdoors into the Pi or any other computer would be difficult if not impossible with such a variety of different hardware and not to mention the fact you still need someway of communicating with them.
The most obvious hack would be to compromise a router or gateway machine with hidden code and use a non-standard TCP/IP protocol as means of transport since it's not so easy to check.
I'm sure NSA and GCHQ have their grubby little fingers at Telehouse and other data centres but we'll never know for sure.
Personally I'm not bothered if they're checking people emails if they have nothing to hide then they have nothing to fear.

Richard S.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 6058
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 11:13 am

Hey Jim,

I am going to play devil's advocate a bit, but these are thoughts that cross my mind when I hear sentiment similar to what you express. Just wondering what your take is in response.
I worked in the Intel Community (IC) and while there are a few bad bananas of the Snowden type, as well as those who abuse their position of trust to monitor exes, etc., by and large the agencies are full of law-abiding, hard-working stiffs who use the "would I want this done to me?" test every day. There are hordes of lawyers looking for illegal activities and they find and have them dealt with the way most of us would want.
I don't think the issue is with those the honest law-abiding employees, but with the bad bananas. Lawyers looking for illegal activities? That's a start, but it seems like lawyers are to advice what is legal and what isn't rather than track down illegal activity. I would hope that it would be impossible to arbitrarily access people's information without some sort of warrant. Why is the system such that employees can monitor their exes in the first place? How is Snowden a bad banana? Isn't it your duty to speak up if you're being asked to do something you think is not morally justified.
The problem with massive conspiracies is that they have to be kept absolutely secret by everyone involved and that's just against human nature. People screw up the most mundane things all of the time, and yet they're supposed to be able to somehow turn off the mistake/bravado/arrogance/lie/etc., facets of their personalities from 9 to 5 every day of every week, month in and month out, year after year, blah, blah, blah. Who are these superhumans and how do we make more of them who can be flawless in their every move and action?
There are lots of government operations that were kept secret. The Manhattan project being one example. Then there are all the ones if found out about way after it was no longer important, like MK-UTLRA. It seems naive not to assume that there are operations going on right now that most people would find abhorrent. But yes, these things to leak, you only have to look as far as Snowden, Manning and Vanunu to see that (and how these people are treated afterwards).
WikiLeaks was supposed to reveal to the world that governments, especially the supposedly all-powerful U.S. Government, were massively evil and out to control every aspect of our lives. Instead, it just put a lot of confidential informants at risk of death and much worse, while showing that the known $#!t birds (KSBs in the professional IC parlance) were at least as bad as expected and occasionally worse. It also demonstrated that our officials basically got things right and tried to do their jobs properly, with some occasional doozies of screwups. It was the Saudis who wanted us to take out Iran, other countries' ambassadors who bad-mouthed Sarcozy and Berlusconi, etc.
I don't think that's what wikileaks was supposed to reveal, but gunning down journalists and children from apache helicopters is not an example of people doing their jobs properly.
Spying on other countries is what intelligence agencies do, both ours and theirs. There are over 50 stars on the wall in the public entrance to the CIA, and most have no names or stories associated with them there, but they do inside the secure areas. They're a constant reminder that there really have been Napoleons, Hitlers, Stalins, Kim Il Sungs, Mao Zedongs, Pol Pots, Idi Amins, Milosevics, and legions of others too numerous to count.
The issue is that we're spying on our allies (who are in turn spying on us) and our citizens, not that we're spying on regimes that are a potential threat.
If you want to take on a conspiracy, I would focus on the unelected business people who run the credit rating agencies, investment rating agencies, banks, retailers, advertisers, lawyers, and hundreds of thousands of others who do real and permanent damage to millions of peoples' lives every day through mistakes, incompetence, maneuvers, manipulations, and lies that are nearly impossible to fight successfully. Where are the perps who nearly destroyed the financial systems through their arrogance and betrayal, for which the five year statute of limitations is about to expire?

Where is the outrage over the obscene amounts of money that are spent on political media campaigns that are essentially just garbage pits full of refuse? Those are our public airwaves, not theirs, and they have no more right to claim freedom to do what they please with them than any of us do. U.S. Senators are virtually all millionaires, the few who aren't are well on their way, and the usual path to Senator is through the House of Representatives. Representatives of whom, you may ask? Certainly not me or anyone I know, that's for certain, but I hang out with a fairly well-informed crowd, especially those who gather around the warm glow of the screen here and similar forums.
Because there are other issues that affect the world, does not mean that these are any less important.

gsh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 1442
Joined: Sat Sep 10, 2011 11:43 am

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 12:00 pm

Yeah while we were designing the 2835 processor, we were approached by a man in a bowler hat who went by the name Slugworth...

He said that we had to add a special nuclear particle made from a strange anti-matter which enabled them to spy on people's downloading activities... Obviously we did exactly what they said because the mind control drugs were really good.

Gordon
--
Gordon Hollingworth PhD
Raspberry Pi - Director of Software Engineering

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 1:31 pm

redhawk,
Personally I'm not bothered if they're checking people emails if they have nothing to hide then they have nothing to fear.
This argument is made everywhere in response to discussions like this.

It is so hopelessly flawed I don't know why it persists. It makes the assumption that those doing the watching are always law abiding and have no agenda other than to catch "bad guys". And who ever defines "bad " here?

Let's make an example. You as a law abiding and generally nice guy spot an opportunity to open a restaurant at a nice location with a cheap rent. You discuss it, over the net, with your friends or family or business partners. Boom, some snoop on the end of the net finds out, snaps up the rental and shatters your dream. This kind of stuff has been going on forever and the net can speed it up no end.

The argument also assumes that the government and it's snoopers are not going to change. The culture can change, the politics can change, sometimes very rapidly. All of a sudden whole new classes of people can be seen a "problem". You may well be in one of those classes.

You really should think about this some more.
Memory in C++ is a leaky abstraction .

Heater
Posts: 13704
Joined: Tue Jul 17, 2012 3:02 pm

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 1:38 pm

gsh,

It's fun to make light of conspiracy theories. And no I don't really expect back doors to be planted in hardware at this time. On the other hand that does not mean to say that we should not eternally watch out for such developments.

Those who live or have lived under oppressive regimes will not be laughing at your frivolity.
Memory in C++ is a leaky abstraction .

User avatar
jojopi
Posts: 3085
Joined: Tue Oct 11, 2011 8:38 pm

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 3:27 pm

Since Broadcom is fabless, is it even necessary for the NSA to have infiltrated them? Perhaps during photomask generation they have fabs detect hardware random number generators, and replace them with keyed PRNGs.

User avatar
duberry
Posts: 379
Joined: Mon Jan 28, 2013 10:44 pm
Location: standing on a planet that's evolving. And revolving at nine hundred miles an hour

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 4:30 pm

gsh wrote: Slugworth... ..strange anti-matter ...
Obviously we did exactly what they said because the mind control drugs were really good.
funny i always thought mind disruption seemed far more likely/achievable/easilly distributed than control ,
control has always seemed more fictitious ideal than concrete reality
( ?Reification ?)
lend me your arms, fast as thunderbolts, for a pillow on my journey.
If the environment was a bank, would it be too big to fail
so long; and thanks for all the pi

markokrajnc
Posts: 11
Joined: Sun Sep 08, 2013 8:14 pm

Re: NSA spying and Raspberry Pi

Sun Sep 08, 2013 8:55 pm

redhawk wrote:Putting backdoors into the Pi or any other computer would be difficult if not impossible with such a variety of different hardware and not to mention the fact you still need someway of communicating with them.
Heater wrote:They have enough transistors in the Raspi Soc to put a backdoor in the hardware.
Then again the same is true of SD cards, USB hardware, network hardware, disk controllers etc etc.
Just imagine a RFID like little NSA hardware piece, which collects energy from the interrogating EM field, process the command and send the result over over radio waves.

It could be silently embedded into your SD card (which is btw. plugged out and sitting somewhere on your shelve) and when the NSA agent on the street sends a command: "NSA here, please identify yourself."
it answers: "SD Card #1234567 here."

Then agent could say "NSA here, #1234567 please send all file names..." and the SD card will send the directory listing... and so on...

No need for internet, routers, electricity... And you will never know, that your data has been stolen... And I think this is technically possible to implement with today's technology!

In this case paper is better than SD card for storing sensitive data: it is harder to break into an appartement and find a peace of paper without leaving any traces, than to collect data from "NSA enhanced SD card"...

Even old hard drives are better, because NSA would need much stronger interrogating EM field to power on the hard drive remotelly than to power on the SD card...

Paranoic or realistic? Decide for yourself... :D

:-)

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23981
Joined: Sat Jul 30, 2011 7:41 pm

Re: NSA spying and Raspberry Pi

Mon Sep 09, 2013 8:18 am

gsh wrote:Yeah while we were designing the 2835 processor, we were approached by a man in a bowler hat who went by the name Slugworth...

He said that we had to add a special nuclear particle made from a strange anti-matter which enabled them to spy on people's downloading activities... Obviously we did exactly what they said because the mind control drugs were really good.

Gordon
Kudos for the Charlie and the Chocolate factory reference! (IIRC)
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
“I think it’s wrong that only one company makes the game Monopoly.” – Steven Wright

Return to “General discussion”