
The Great $50M African IP Address Heist - feross
https://krebsonsecurity.com/2019/12/the-great-50m-african-ip-address-heist/
======
wmf
Silly criminal, you're supposed to resign from your regulatory job first,
_then_ found a company to steal (er, efficiently allocate using the free
market) public resources the next day!

~~~
duelingjello
Public-private partnerships allow this sort of vulture capitalism without
resigning. Or, have your friends do it.

~~~
dmix
Public-private organizations, but capitalism takes all the blame naturally.
It's the perfect material for selling people on pure state-run businesses to
less informed citizens IMO.

Don't get me wrong though, the public/private trend of the last two decades
really has been a cancer on society. I wish more market-leaning people
realized this, since a ton of conservatives push it as some half-baked
solution to "big government". We're all sold these benefits of "free" markets
when the organization looks or operates nothing like a marketplace with
legitimate competition nor with the transparency or responsibility towards
externalities that public organizations bring.

It really is an opaque proxy for politicians and corrupt business leaders in
the community whose only skill is working gov contract systems to have even
less transparency and plunder public money. It's a worse-worse solution, gift
wrapped as some more efficient pseudo-market.

We need a stronger divide between either private or public. These compromised
middle grounds are a disaster. The US health market is the obvious example but
there are thousands of smaller ones in every municipality.

~~~
SaltyBackendGuy
I wish more people would realize that _this_ is the crux of the problem. It's
not Socialism or Capitalism, it's corruption.

~~~
yoelo
And what drives this neither "socialism or capitalism" corruption? Not the
hunt for extracting profit by any means?

~~~
nicoburns
One might argue that it is simple greed, which is enabled by the concentration
of power, which happens both with economic power and regulatory power.

~~~
bitcoinbutter
And on top of that, one might argue that humanity is highly self-interested by
nature, and people with the greatest self-interest will be much more likely to
obtain power.

~~~
nicoburns
While there is an aspect of self-interest in humans, I find that we are often
a lot more altruistic than we are generally given credit for.

~~~
MayeulC
In this article dedicated to cooperation between drivers, it says that around
half of them are quite cooperative:
[https://arstechnica.com/science/2019/11/giving-autonomous-cars-a-theory-of-mind-improves-their-integration/](https://arstechnica.com/science/2019/11/giving-autonomous-cars-a-theory-of-mind-improves-their-integration/)

That behaviour split definitely sounds like an exploratory algorithm at work.

------
simbakhadder
Why would these spam marketing companies want to buy IPv4 addresses? Would
IPv6 not work? Or were they trying to assume the identity and reputation of
the companies that owned the IPv4 addresses previously?

Edit: Sendgrid answered my question in this post quite well
[https://sendgrid.com/blog/where-is-ipv6-in-email/](https://sendgrid.com/blog/where-is-ipv6-in-email/)

~~~
getpolarized
For spam purposes, IPv6 is just as rare as IPv4... you can generally assume
that anyone in a /64 is the same owner.

... so really if you have 1000 IPv4 or 1000 /64 IPv6 it's about the same
number of IPs that you can use to spam from.

~~~
proto-n
I'm not sure how tolerated this is on HN, but I'm too lazy to research the
background on this. Could you please explain what a /64 is and why it is
significant in this regard?

~~~
tgsovlerkhgsel
A netblock. A "/n" means "a block of IP addresses where the first n bits are
the same".

This comes from the CIDR notation 192.168.1.0/24 indicating the netblock from
192.168.1.0 - 192.168.1.255.

So the number after the slash corresponds to a network size. The smaller the
number, the more bits are variable, i.e. the bigger the netblock.

An IPv4 /24 has 32 (address length) - 24 = 8 bits that are variable, i.e. 2^8
addresses. A /18 would have 32-18 = 14 variable bits, i.e. 2^14 addresses.

In IPv6, the address length is 128. A /64 (which happens to be the smallest
routable network size in IPv6) is 2^64 addresses - but because it's easy to
get large IPv6 netblocks (typical ISP allocations are /64, /56, and you can
often get a /48 with relative ease), for abuse blocking purposes, you
generally treat the entire /64 or even /56 as one entity (i.e. you ignore the
rightmost 64 or 72 bits).

A /56 is 2^8 separate /64s. A /48 is 2^16 separate /64s.

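The CIDR arithmetic and the "treat the whole /64 (or /56) as one entity" rule from the comment above, worked through in code. This is an added example, not part of the original thread; SAMPLE_SOURCES is a constructed list confined to documentation address ranges, and the function names are chosen here.

```python
import ipaddress
from collections import Counter

# Constructed sample of sending addresses as a mail filter might log them (not from
# the article). IPv6 values sit in the 2001:db8::/32 documentation range, IPv4 in
# the 192.0.2.0/24 and 198.51.100.0/24 TEST-NET ranges, so none is a real sender.
SAMPLE_SOURCES = [
    "2001:db8:1:2::1", "2001:db8:1:2::2", "2001:db8:1:2:abcd::9",  # three hosts, one /64
    "2001:db8:1:3::1",          # neighbouring /64, same /56 as the three above
    "2001:db8:ff00:1::1",       # unrelated /48
    "192.0.2.10", "192.0.2.200", "198.51.100.7",
]


def prefix_size(cidr):
    """Variable bits and address count of a netblock, as the comment computes them:
    address length (32 or 128) minus the number after the slash, then 2 to that power."""
    net = ipaddress.ip_network(cidr, strict=False)
    variable_bits = net.max_prefixlen - net.prefixlen
    return {"variable_bits": variable_bits, "addresses": 2 ** variable_bits}


def abuse_entity(addr, v6_prefix=64):
    """Collapse an address to the unit an abuse filter treats as one owner.
    IPv4: the single address. IPv6: the enclosing /64 (or /56), i.e. the
    rightmost 64 (or 72) bits are ignored."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6:
        return ipaddress.ip_network(f"{ip}/{v6_prefix}", strict=False)
    return ipaddress.ip_network(f"{ip}/32")


def count_by_entity(sources, v6_prefix=64):
    """Map each abuse entity to how many sample addresses fell inside it."""
    return Counter(abuse_entity(a, v6_prefix) for a in sources)


def distinct_senders(sources, v6_prefix=64):
    """How many independent sources a filter keyed on /64 (or /56) would see."""
    return len(count_by_entity(sources, v6_prefix))


if __name__ == "__main__":
    print(prefix_size("192.168.1.0/24"), prefix_size("2001:db8::/64"))
    for net, n in count_by_entity(SAMPLE_SOURCES).items():
        print(f"{net}: {n} address(es)")
    print(len(SAMPLE_SOURCES), "addresses ->", distinct_senders(SAMPLE_SOURCES),
          "entities at /64,", distinct_senders(SAMPLE_SOURCES, 56), "at /56")
```

Eight logged addresses collapse to six entities at /64 and five at /56, which is the sense in which a thousand /64s and a thousand IPv4 addresses are "about the same" to a filter.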
~~~
proto-n
That was very informative for me, thanks!

------
jedberg
> The global dearth of available IP addresses has turned them into a commodity
> wherein each IP can fetch between $15-$25 on the open market.

So a whole class C is only $6,500? Or is there a bonus for a contiguous block?

Even so, my friend owns his own Class C (since 1994), and I doubt he would
part with it for a mere $10,000.

~~~
CKN23-ARIN
RIRs only handle transfers of /24s or larger. I suppose it might be possible
for a "legacy" pre-RIR address holder to reassign ownership rights of a single
address, but I've never seen it happen for anything smaller than a /24. Even
if it did happen, the addresses would be unusable on the Internet, since it's
common practice to reject announcements of anything smaller than /24.

Your friend (correctly, IMO) values his address block more than the market
does. They're regularly selling for $5000-6000 these days.

------
notlukesky
Insider jobs are unusually common in the non-private sector in developing
markets. They also occur in the non-private sector in developed countries but
not at the same scale.

The only "solution" in most of these developing countries is to have open and
transparent auctions without onerous rules (another way of gaming the process)
or to turn them into being private.

~~~
codetrotter
> the non-private sector

Aka the public sector. Or are there additional sectors that I am not aware of?

~~~
sansnomme
Weird NGOs that straddle the divide, think tanks, white collar unions aka
"professional associations" that somehow acquired regulatory powers; see
medicine, law, engineering, architecture etc. Corruption exists in all sorts
of places.

~~~
notlukesky
You framed it perfectly! There are so many non-private sector institutions out
there that I refrained from calling them even quasi public sector. In fact the
example you mention of "professional associations" that have acquired
regulatory powers is great as most of them are rife and riddled with
corruption and act to either the benefit of their management or members and
against the public interest.

------
geuis
I find this style of writing to be lazy and insulting.

“There are fewer than four billion so-called “Internet Protocol version 4” or
IPv4 addresses...”

They aren’t “so called”. That’s literally the terminology.

~~~
tlb
The usage aligns with definition 1 ("commonly named") but not definition 2
("falsely or improperly so named") at
[https://www.merriam-webster.com/dictionary/so-called](https://www.merriam-webster.com/dictionary/so-called)

~~~
C1sc0cat
I have never heard of the "commonly named" usage; certainly in modern usage "so
called" is always negative.

------
duelingjello
Man, if only I had kept a former employer's Class C; that employer no longer exists.

It's 206.197.48.0/24 and needs to be culled and auctioned off.

~~~
icedchai
I still have a Class C registered to me personally from way back in 1993.

