[arin-ppml] Of interest?
Ronald F. Guilmette
rfg at tristatelogic.com
Wed May 15 15:41:48 EDT 2019
In message <FF11983C-91CE-44FF-A91A-AF44C6B1BB40 at arin.net>,
John Curran <jcurran at arin.net> wrote:
>It's far less likely that anyone would be able to reproduce this
>specific fraud, particular given that ARIN is now aware and can detect far
Well, can we talk about that just a little bit?
I will stipulate up front that I already know that you are going to make
the following requsite and pro forma disclaimer, so let's just assume
that you've already said it and then we can move on...
Unfortunately, ARIN is not able to discuss in detail any of the
many anti-fraud measures that we have put into place, and no
honest members would want us to do so anyway, because doing so
might help somde dishonest people and organizations to carefully
avoid detection of their frauds by ARIN Staff.
My question is a pretty simple one. I am looking at the following ASNs:
The various organizations to which ARIN issued these ASNs... and also much
additional IPv4 space... are alleged to be located in various U.S. states.
Funny thing... not a single one of them seems to actually be registered with
any of the relevant state authorities to do business in their alleged home
states. One is registered in Wyoming, even though it is supposedly
headquartered in Indiana, and the two others I've checked so far are only
incorporated in Delaware, even though they are allegedly located in other
states entirely. NONE are properly or legally registred to do business in
the states they claim to be located in.
So, is it just me, or is this not a red flag to anybody else? At the very
least, all of these companies were and are guilty of tax fraud at the state
level. You can't pay state level taxes if the state doesn't even know you
exist and/or if you have no state registration number... a number which
would be necessary in order to file a state tax return. This is just common
sense. (And none of us should forget how the notious gangster and bootlegger
Al Capone was finally brought down. In the end, they got him on tax evasion.)
So, you know, how about this: How about if, from now, on, *before* ARIN
issues anything to anybody, you folks at least verify that the entity to
which you are issuing stuff actually *does* have some legal existance
within the specific state or jurisdiction where said entity is claiming
to be located. And reason you can't do that? Any reason you won't do that?
This, it seem to me, is not exactly an onerous or difficult rule to either
enforce or to comply with. If it had been in place already for lo these
past several years, it might not have actually prevented all of this
Micfo-related fraud, but it would have made it all slightly harder to
pull off without being obvious about it. I mean if ARIN suddenly
received a big spike influx of requests, all from entities claiming
anonymous P.O. boxes in Wyoming as their headquarters... well... that
sort of makes it all stick out like a sore thumb, no?
And all these fradulent entities did/do use anonymous P.O. boxes as their
declared headquarters, yes? (I checked a few of them and that seems to be
the case for all of them.)
(Aside: In case it isn't obvious, I am distinctly *not* in favor of allowing
people who register either domain names or RIR number resources to use
anonymous UPS Store boxes as their "headquarters" addresses. Now we
have the clearest evidence possible that at least some of these folks
are provably up to no good. And I would claim... based on some con-
siderable evidence and experience, that 99% of them are.)
> but furthermore it is unlikely that we;ll end up with a waiting
>list policy that provides applicants with the very large address blocks
>(e.g. /17) of this past event.
Yea, well, I was sort-of wondering about that too.
I thought there was a severe shortage on. No? So how did these crooks
end up with such big blocks? Has the official shortage been canceled
or something? I didn't get the memo.
More information about the ARIN-PPML