Hi Have been trying xAuth to authenticate a user in an iphone/android app made with Phonegap/HTML/JS. The connection works well but i cant see a good way to secure the Consumer key and Secret in the app.
Apps can obviously be decompiled and these parameters can be discovered but Twitter allows this method of security. A proxy script seems pointless as a hacker can simulate the app making a request Seems the worst that can happen is that a hacker can copy the strings to use xAuth on their own app Is it worth making any effort to encrypt these strings? Thanks -- Twitter developer documentation and resources: http://dev.twitter.com/doc API updates via Twitter: http://twitter.com/twitterapi Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list Change your membership to this group: http://groups.google.com/group/twitter-development-talk
