The writing is quite confusing in trying to explain things but the gist of it appears to be that the person in question (1) applied for IP addresses through numerous companies created just for this purpose in order to bypass ARIN's restriction on the number of addresses it was willing to allocate to a single entity, and (2) made the obtained IP address ranges available to serve as VPN endpoints, so that "huge amount of traffic—some of it illicit or criminal—passed through its computer servers but wasn't traceable to the true originators."<p>He did keep track though of which VPN operator used which range at any given time, so perhaps the "true originators" could be traceable after all, assuming the VPN owners were willing to co-operate. In any case, he is only being prosecuted for (1), and the immediate reason for this is that a couple of US politicians were hacked with attacks originating from these addresses.
This story looks familiar. Oh wait: <a href="https://krebsonsecurity.com/2019/05/a-tough-week-for-ip-address-scammers/" rel="nofollow">https://krebsonsecurity.com/2019/05/a-tough-week-for-ip-addr...</a>
Relevant post by a former Mifco employee: <a href="https://news.ycombinator.com/item?id=22360642" rel="nofollow">https://news.ycombinator.com/item?id=22360642</a>
I can come up with at least 3 distinct meanings for “amassed VPN clients” and I’m still not 100% sure which is correct in this context. I take it that clients here refers to “paying customers”?
A related thread is <a href="https://news.ycombinator.com/item?id=22360642" rel="nofollow">https://news.ycombinator.com/item?id=22360642</a>.
Hmm.<p>I "obtained" 2^32 IPv4 addresses pretty easily; not sure if it's legitimate or not:<p><pre><code> for addr in range(2**32):
print('.'.join([str(addr >> (i << 3) & 0xFF) for i in range(4)[::-1]]))
</code></pre>
Edit: Well, this was unpopular. In case it's too subtle, my point is that the title is terrible.