Why does this need an algorithm at all? Why not make them all random numbers? People have to connect to your server to redeem them anyway. Sounds like sloppy design.
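
The design suggested in the comment above (purely random codes, validated only by a server-side lookup at redemption), as an added example that is not part of the thread or any vendor's code. The alphabet, the code length, and the `GiftCodeStore` class are assumptions for illustration.

```python
import hashlib
import secrets

# Unambiguous alphabet (no 0/O or 1/I); an assumption, not any real code format.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"
CODE_LEN = 16  # 32**16 = 2**80 possible codes, far too sparse to guess


def _digest(code: str) -> str:
    """Normalize user input and hash it; the store never holds plaintext codes."""
    normalized = code.replace("-", "").replace(" ", "").upper()
    return hashlib.sha256(normalized.encode("ascii", "ignore")).hexdigest()


class GiftCodeStore:
    """Hypothetical in-memory stand-in for the redemption server's database."""

    def __init__(self):
        self._balances = {}  # digest -> value in cents, unredeemed codes only

    def issue(self, value_cents: int) -> str:
        # Every character comes from the OS CSPRNG, so a valid code carries no
        # checksum or sequence structure that could be derived from other codes.
        code = "".join(secrets.choice(ALPHABET) for _ in range(CODE_LEN))
        self._balances[_digest(code)] = value_cents
        return "-".join(code[i:i + 4] for i in range(0, CODE_LEN, 4))

    def redeem(self, code: str) -> int:
        """Return the value once; unknown or already-used codes return 0."""
        return self._balances.pop(_digest(code), 0)


if __name__ == "__main__":
    store = GiftCodeStore()
    card = store.issue(2500)
    print(card, store.redeem(card), store.redeem(card))
```
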
Suppose you're running the team at Apple that works on the iTunes gift codes. What do you do here to cut your losses? Obviously change the algorithm used to generate the codes for a start. And even though the codes themselves are indistinguishable from real codes, you can probably detect patterns in their use (i.e., someone from a town in China who's never had an iTunes account before suddenly buys $100 of music) and prevent a subset of those codes from being redeemed (with some very small amount of false positives). What else would you do?
Is it possible that Apple might not mind so much if this encourages people to buy more iPods at the expense of music sales? Depends on the relative margins, I guess.
I am more curious as to how the hacker even started on cracking the algorithm. Do you suppose the hacker spent a lot of $$$ on the real gift cards in the first place and then went from there?