'Borrowing' IPv4 netblocks to get around address space exhaustion
I recently read a news story speculating that a black market in IPv4 address space would develop as the IPv4 address space became exhausted (which is allegedly happening fairly rapidly). In reading the story, it struck me that we could see an even more interesting and evil trick used by sufficiently desperate and underhanded organizations: just borrowing unrouted netblocks.
The trick goes like this. First, find a suitably sized netblock that is allocated but appears unrouted; then, find yourself a compliant ISP and get them to 'accidentally' announce and route the netblock for you. Who is really going to notice? And if they do, your ISP can always claim that it was an accident, since people screw up routing announcements all the time anyways. You'll have to get a new netblock (or a new ISP or both), but this is better than not being on the Internet at all.
(See, for example, the Renesys blog, which has covered various hair-raising accidents. Sadly, this sort of netblock hijacking is already routine technology; the trick is used by spammers to completely hide their tracks.)
Whether this is a viable trick depends on how much allocated but unused network space there is. My impression is that there is a fair amount of network space that various organizations got back in the early and mid 1990s (when the rules were much easier) that are not actually in use on the public Internet, either because the organization is now defunct or because people are sitting on the allocated address space in case they need it later.
(After all, IPv4 address space is getting scarcer and scarcer; if you were smart enough to get a /24 for yourself back in 1990, would you let it go? My understanding is that ARIN has no way to claw back such old legacy allocations, although I may be wrong by now.)
Would this ever get done for real? I honestly don't know. I'd like to think that it wouldn't, but at the same time if the IPv4 address space does get exhausted, there are going to be some desperate people. Sooner or later there will be startups and small companies that care less about doing it right than doing it at all.