Username or EmailPassword
At least the iPod/iTunes limitation is done through technological blocks. The block against osX running only on Apple hardware amounts to "uh.. please, just don't do it even though we know it works just fine."
I can support security imposed through mechanism. It's the security imposed by requests that holds less water. Security in this case being the mechanism that validates the client hardware (iPod) to the server deamon (iTunes).
I don't really think the limitation is right but at least it's not done with fluff EULA clauses.