Sign in with
Sign up | Sign in
Your question
Closed

iTunes Gift Certificates Reverse Engineered

Tags:
Last response: in News comments
Share
Anonymous
March 15, 2009 9:11:57 PM

These thieves are probably the same ones responsible for viruses and the like making many lives a misery.

Why don't they use their skills to create something useful?
Score
-4
March 15, 2009 9:19:26 PM

Probably because this is "useful" to them...

But seriously though, Chinese hackers can reverse engineer anything these days! It's only matter of time until they crack other, more serious things too...
Score
3
Related resources
March 15, 2009 9:31:45 PM

US$0.99 is still the same price for a song if i were to buy an actual cd containing an average of 10 songs, so yeah I get y they do this
Score
-8
March 15, 2009 9:34:24 PM

I think iTunes songs should be available at a higher bit-rate and I think charging to upgrade to iTunes plus is irritating, but in spite of my complaints I can't be moved to support piracy, particularly when iTunes is a great alternative to purchasing in-store. While things need to change in the music industry, it's not justification for attempting to ruin the better part of the industry because you couldn't be bothered to pay for the goods and services you desire.
Score
11
March 15, 2009 10:18:20 PM

Apple is too stupid to base its vouchers on algorithms instead of database...incredibly stupid.
Score
18
Anonymous
March 15, 2009 10:42:06 PM

selling in china auction site does not mean it is from that country. Can someone confirm where it is actually from?
Score
-4
March 15, 2009 10:46:00 PM

FlameoutUS$0.99 is still the same price for a song if i were to buy an actual cd containing an average of 10 songs, so yeah I get y they do this

I bought "Revolutionary Vol.2" for $12, and it had 18 songs on it. That's less than $0.67 per song, not including the art that went into creating the case, and the fold out pages with lyrics. Not to mention the fact that the quality is much higher and that I can rip it into any format of my choice.

$0.99 for some relatively low quality file seems like a huge rip to me.
Score
12
March 15, 2009 11:58:37 PM

People are always going to find ways to circumvent a system. It seems that it's part of human nature. I don't support piracy, but I certainly don't feel too terrible that Apple's deep pockets are being picked. If anything, these hackers did Apple a favor, showing them fundamental flaws in the security of these algorithms. Why not consider the profits of the exploit payment of a "consulting fee," and move on, lol...

Anyone else old enough to remember "them" telling us that CDs were going to eventually sell for $5 each because they'd be cheap to replicate, etc, etc? Well the record companies kept the prices up all these years to keep profits high. They got what they deserved when file sharing took off, and I think that Apple is seeing the business end of the whip, too.

When you run a business, there's always a point where you must change or die. Basically, you adapt to the market, or you close up and fail. It's time for change... higher bitrates, lower prices... whatever. Change, or fail.
Score
11
March 16, 2009 12:03:30 AM

dariushroApple is too stupid to base its vouchers on algorithms instead of database...incredibly stupid.


You are so damn right :p  Every algorithm can be reverse engineered if you have a big enough sampe :p 
Score
16
March 16, 2009 1:50:32 AM

I wouldnt mind buying music, if a single song cost 10c.

At 99c, I think i'll get my music "elsewhere".
Score
5
March 16, 2009 1:59:07 AM

But Apple...it just works?
hehehehehe
Score
2
March 16, 2009 2:36:57 AM

Wtf all you talkin bout Willis?! Apple is infallible, come on, since when have they EVER admitted "wrong doing?" IE getting owned by Creative, and settling out of court for STEALING ideas, long already "innovated." Apple is all about extra helpings of dressing and making snobs feel even more elevated.

Here I've googled it for you all: http://tinyurl.com/chtc8s

Decent hardware, but their "image," is trite and haughty, just like many of their user base. Better or worse, Apple will always be alive and well b/c there's too many people that wanna pretend to be "better" or more "informed" than the rest of "us." Go APPLE! HAHAHA
Score
1
March 16, 2009 2:40:03 AM

thejerkPeople are always going to find ways to circumvent a system. It seems that it's part of human nature. I don't support piracy, but I certainly don't feel too terrible that Apple's deep pockets are being picked. If anything, these hackers did Apple a favor, showing them fundamental flaws in the security of these algorithms. Why not consider the profits of the exploit payment of a "consulting fee," and move on, lol...Anyone else old enough to remember "them" telling us that CDs were going to eventually sell for $5 each because they'd be cheap to replicate, etc, etc? Well the record companies kept the prices up all these years to keep profits high. They got what they deserved when file sharing took off, and I think that Apple is seeing the business end of the whip, too. When you run a business, there's always a point where you must change or die. Basically, you adapt to the market, or you close up and fail. It's time for change... higher bitrates, lower prices... whatever. Change, or fail.


Nagh you forgot another option: Change, Fail... or CONTROL the "market!" Control it and thus you have no reason to "change," even if that's what the consumers demand/need/everyone would benefit from. The RIAA/MPAA are trying their best to maintain CONTROL Vs change. "Change," scares big business, and COSTS them "PROFIT." lol... They'll resist change as long as they can maintain control... same old news.
Score
4
March 16, 2009 3:42:57 AM

Side effect of the DMCA law. Cracking DRM or any encryption is illegal in USA, but the law never sopped criminals. Now, if only security researches ware allowed to do reverse engineering Apple could have early notice and replace the algorithm or the business model before it becomes a public problem. They support DMCA they deserve the penalty.
Next would be the Credit Card banks. They are actively suppressing the independent security research on RFID credit cards. Before you know someone will put small device next to the door of the big store and copy everyone's card even if it is into their pocket. That is what happens when our politicians votes for laws that protect old dinosaurs.
Score
5
March 16, 2009 3:47:32 AM

Really who cares..I'll say it again....people will always find a way to get what they want. Oh well. Learn or die...business wise and security wise.
Score
2
March 16, 2009 6:14:58 AM

The problem with this is not so much for people who will pirate songs but people can also use these $400 gift cards to buy real Ipod products. Too bad i live in canada, I would love to buy an ipod touch for 20 dollars lol
Score
0
March 16, 2009 6:46:00 AM

How could one not say the criminal act of theft is not crossing the line? They generated the code worth monetary value without surrendering any money - so if not theft, it is at least counterfeiting non-governmental legal tender.

While I agree Apple shares some of the blame for using an algorithm alone (versus an algorithm for 'fast processing' followed by verification in a database), it does not make the criminal act any less so. If you walk into a convenience store and do not see an attendant, it does not mean you are free to grab whatever is close by and leave legally.

As to the price per song, that's a bit more complicated. The lack of physical media and warehouse/distribution chains reduce costs, but maintaining servers and paying bandwidth probably eat much of that up. Thus, for individual DRM-free songs I think $0.99 is reasonable. If you buy a whole set of songs at the same time, it should cost no more than the marketed package (either the cost of the CD or the multi-CD set at MSRP). For songs with DRM on it, the $0.99 price should be reduced to reflect the restricted nature of the product.

Would I pay $0.99 per song? No. I believe that the artists of the songs should be the main recipients of the income, much in the same way that I believe that farmers should be the recipients of the cost of food I purchase. Next should come the retailers of the product who act as "intermediary" purchasers - sine they should assume a risk if the product does not sell. Last should come the supplemental manufacturing chains - such as the studios that maintain the costly equipment to record the songs and pay the engineers to make it sound perfect. The current system does not support this pricing structure.

Of course, the RIAA tactics have prevented me from buying music for several years. I will not buy original CDs, used CDs (which helps drive the original CD markets), or digital songs due to what I view as criminal extortion (the 'settle for $3k or we'll sue and cost you more than $3k in legal fees' tactic). Honestly, its not all that bad - I've rediscovered the pleasure of reading again... that, and I now have time to come to Tom's and post! :) 
Score
1
March 16, 2009 7:53:13 AM

Consider it part of the new stimulus plan, it's great for economic recovery! Woops, nm...
Score
0
March 16, 2009 8:53:45 AM

Although I told piracy isn't stealing most of the time, *this* is not piracy, *this* is stealing.
Don't know what they were thinking at Apple, but, relying on an algorithm to verify authenticity of a code, but not to check them up from a database called for the trouble. It's plain stupid.
Score
0
March 16, 2009 11:46:29 AM



I agree, digtial distribution versions should be dirt cheap.
Score
0
March 16, 2009 12:04:45 PM

Apple is fucked – what can they do? Of course this is stealing, even if you don't agree with paying $1 for a crappy (lossy) digital format. It just goes on to show that the whole digital world requires a paradigm shift if the record industry (and probably also the movie industry in the long run) wants to have any chance for survival. Once something makes it out there in digital format, it spreads like wildfire and there's no way you can stop it, legal or not.
Score
0
March 16, 2009 12:05:05 PM

As always, some (many?) morons think that stealing can somehow be legitimized by claiming unfair pricing. Stealing is stealing. It is taking something and not paying the seller the asking price. If you don't like the price, don't buy it. Stealing is only and entirely just stealing. How much more clear can this be made?
Score
0
March 16, 2009 12:39:37 PM

I think .99 cents is fair for a DRM free full version of a song. I do not think the hackers are out of line with respect to price of a song, they are not out to GET the music industry, just make a buck, they are however doing it illegally, and thus for that part they are way out of line. It really is funny how pathetic Apple is, and just how fervently godlike they are to the people who beleive in them. Here we have a major seller using crappy coding for basically their entire business model. Nice job JOBS.
Score
0
March 16, 2009 1:00:32 PM

cool. hope they decide to do the wii point card's next
Score
0
March 16, 2009 1:09:12 PM

What makes this really wrong is that they are actually making profit out of those codes IMHO. That is plain stealing.
Score
0
March 16, 2009 1:57:22 PM

hmm.. yeah. If you supply a valid code you are not stealing anything, the code allows you to legally download the music. If you leave your TV on your front lawn, someone will take it aswell. (Did they really steal it? Or did you temp them to take it?)

In response to the convenience store analogy, you are incorrect. The idea here is similar to paying $40 to receive $200 worth of VALID US DOLLARS. The code exists and therefore is worth it's value to Apple.

Considering that Apple rips off it's customers, selling them a PC in a $1000 dollar case or whatnot, they are the ones that started by ripping off customers, now the customers have simply turned the tables, lol.

"What makes this really wrong is that they are actually making profit out of those codes IMHO. That is plain stealing." - Nope, they provided a service. They put time and effort into this project, this is not stealing on their part. They are stealing as much as Apple or any other company is stealing for developing their products.

Nonetheless, they are selling a code that they generate. It does not matter what their code does, they have created the code and therefore they are not doing something unethical. It is Apple that is doing wrong by giving away discounted music to people that supply a code that has not been backed by the proper funds.

The fact still remains that if you do not run a secure network, someone will take your data. This really shouldn't be illegal, we are using computers and it is tempting to do interesting things with them.

The fact that their are laws that govern computer usage should be the real crime here. This is not the real world, it is a computer. There should be no laws.

But the fact still remains, if I had 100 music files that I did not pay for, it would be illegal. Though, if I would not have bought them legally - the music industry lost NO money. Surely some people have thousands of music files, though if they would only have purchased several hundred of them legally if they had to, they really didn't steal much at all.
Score
-1
March 16, 2009 2:19:00 PM

PV9685:

I was going to say that your comments were nonsense, but I think you bring up an interesting point. There may be some strange legal technicality, but generally, I can't see where selling a code number is illegal. If the purchaser's agreement does not say that the card is just a transfer mechanism and you must have paid the dollar value for the dollars represented on the card, then it is not your problem.

There are some strange laws surrounding DVD encription, but it is a weird legal area.
Score
0
March 16, 2009 2:24:01 PM

"If you supply a valid code you are not stealing anything, the code allows you to legally download the music. If you leave your TV on your front lawn, someone will take it as well. (Did they really steal it? Or did you temp them to take it?)... The fact still remains that if you do not run a secure network, someone will take your data."

So basically it's not stealing cause it was not a secure enough network, similar to the case of the TV in the lawn, well if you leave your TV in your locked house and someone breaks in to take it then it's not stealing because the house wasn't secure, at least not secure enough for the robber who can pick the lock, so it makes it ok to take the TV, it would be a crime only if the house was secure (yeah right we should evaluate if the house was "secure" enough before we decide who is the rightfully owner of the TV), and if you are a master in breaking in then you can take anything you want because noting is secure according to you.

Sorry, I don’t buy this theory.
Score
3
March 16, 2009 2:34:39 PM

ok this goes beyond downloading torrents, this is actual theft! This is no different then reverse engineering wal-mart gift cards and going to buy stuff with it.
Score
0
March 16, 2009 2:54:58 PM

I am curious how Apple is going to resolve this issue.

If you consider how many unspent legitimate gift cards are out there worldwide, Apple can’t just void all gift cards and build a new system. How is Apple going to know which are legit and which are frauds without a database of some sort?
This is a nasty, nasty situation for Apple.
Score
0
March 16, 2009 3:23:21 PM

bad day, isn't it steve? :D 
Score
0
March 16, 2009 5:22:08 PM

people are always complaining about the cost of a song or music in general. how about everyone takes a moment to stop and think what you just ate for lunch today, how much did that cost? did you really need the $5-$10 meal? only to be flushed away down the toilet the next day...this concept blows my mind, music that is purchased should last and be enjoyed for years and years! and for the folks that say, 'well you need to eat', yes we do, but eating the fine fast foods that make up most diets are not necessary.

So my question to all is, how come we as a society are complaining about the cost of FOOD, etc...
Score
-2
March 16, 2009 6:34:14 PM

"So basically it's not stealing cause it was not a secure enough network, similar to the case of the TV in the lawn, well if you leave your TV in your locked house and someone breaks" ...I think you are misinterpreting the point. The point was that if you use a simple code, especially one that can be reversed - then someone might just be tempted to take the time to see how to create valid numbers.

Apple was not generating RANDOM codes, they were generating set codes that could be generated by anyone knowing the algorithm. If Apple had decided to create truly random codes and check them against a database of codes, it would be hit or miss creating codes. Instead they were sloppy.

The point of the TV on the front lawn, which you grossly misinterpreted - was that the TV on the front lawn is going to draw the attention of everyone passing by - eventually someone will give in to temptation. you misread by believing that the lawn dealt with security.. nope, simple temptation.

The same goes for MS Key's, someone wanted to create new ones... so they did. It is well known in the computing world that if you create a code based on an algorithm, that someone WILL try to reverse it if there is VALUE behind it.

Apple didn't innovate, they used an age old technique that has been proven to be a failure time and time again. The way I see it, a monkey could have prevented a problem like this.

Let's remember - This isn't windows, where the code is checked against a file containing an algorith, allowing you to install software... It's iTunes - Connected to a network that can check the validity of the code.

Apple resolve this issue? - Think about it, the codes that are being used, may already have been used for cards that already went out. If you have a card in your hand, they can't say it's invalid (if it is valid) - if the number has already been used you are going to deal with apple. Who is to say when that card will be used, this is quite an issue.

They are more than likely going to have to take a hit, stop selling cards based on the current technique soon, and phase them out - then stop honoring the codes.

Or, if they kept a listing of all the codes generated so far (which I would assume they did), they'll have to start checking them... But, someone may still generate and use the code before you get it.

Quite a catastrophe!

Though, don't be so hateful of everyone that "steals" on the internet. Some people are genuinely poor - just taking what is downloadable from large corporations. Hence the idea - If I install XP and do not pay for it, I am not hurting MS if I would have used Linux instead and not given them money anyway. (Though I personally own Vista legit.. lol) - Actually, it would be more hurtful to MS if I did not buy Windows, and purchased a competing product. hmm.. interesting. So in that case, would piracy help or still hurt? interesting.
Score
0
March 16, 2009 6:49:32 PM

Quote:
Though, don't be so hateful of everyone that "steals" on the internet. Some people are genuinely poor


if they were genuinely poor as you put it then how would a genuinely poor person be able to afford internet access or even a computer to download music?

Score
0
March 16, 2009 6:57:29 PM

"The point was that if you use a simple code, especially one that can be reversed - then someone might just be tempted to take the time to see how to create valid numbers."

And if you install a low quality lock in your house, especially one that can be picked - then someone might just be tempted to take the time to see how to get in and steal your stuff.

"Apple didn't innovate, they used an age old technique that has been proven to be a failure time and time again. The way I see it, a monkey could have prevented a problem like this."

Apple incompetence does not makes it right to steal from them, that is the whole point, yes they should have use a more secure system, and I bet they learned their lesson, but that does not negates the fact that the fake/legit codes were sold, there is profit from this, so it's not the regular music/software for personal use download. I'm not hateful of everyone that downloads on the internet, I'm actually from Costa Rica and I get tour point when you say that some of this people are poor and download for personal use, but the whole selling of the codes changes things for me, this is now a business.



Score
0
March 17, 2009 1:54:56 AM

Wow that's stupid on Apple's part. 99.99% of all other gift cards are activated upon purchase, using a central database. Leave it to Apple to reinvent the wheel (then charge $3500 for it, and claim they discovered it).
Score
0
March 17, 2009 8:33:25 PM

i never buy e-musics, i always buy cds
Score
1
March 23, 2009 12:29:23 AM

It is interesting that Apple has not come out with a statement on this. By staying silent, they seem to be legitimizing the practice. Just go on eBay and you will see tons of deeply discounted iTunes gift cards. One has to ask, where are these people getting these cards? For more on this, see this post - http://blog.giftcardrescue.com/stolen-itunes-gift-card-...
Score
0
!