I 100% agree.

But another idea just struck me, why not put the OAuth part of your app in a 
DLL (at lest the authentication and communication with twitter part) and hard 
code it their.

You lose some of the open source nature of the app but it will be secure.

Sent using BlackBerry® from Orange

-----Original Message-----
From: Cameron Kaiser <spec...@floodgap.com>
Date: Sat, 30 Jan 2010 23:02:18 
To: <twitter-development-talk@googlegroups.com>
Subject: Re: [twitter-dev] Re: a security problem puzzled me about using oauth 
        in  Desktop Client

> OAuth as-is just wasn't designed for desktop apps, period. Square peg,
> round hole. If Twitter is insisting on it, I'd rather this was
> portrayed as a trade-off for increased user security, than a solvable
> problem -- I don't think it is.


------------------------------------ personal: http://www.cameronkaiser.com/ --
  Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com
-- "I'd love to go out with you, but I'm in perpetual denial." ----------------

Reply via email to