On Thu, Aug 5, 2010 at 8:41 PM, Taylor Singletary
<taylorsinglet...@twitter.com> wrote:
> We know this isn't ideal.

No, it's not ideal: It's far far FAR from it.

> But we're supporting OAuth 1.0a right now, and for the safety of our users,
> for the ecosystem, and for you: please don't distribute API tokens and
> secrets in your open source projects.

Two wrongs here: First of all, you're saying that closed source apps
are safer for your users ('cause, in theory, the keys are harder to
get). That's false 'cause you can't assure, nor your users and neither
the ecosystem that a certain application will "call home" and send
information it shouldn't. Even worse for the "ecosystem" is that you
guys are forcing applications to be removed from it.

The second wrong is that you're, basically, telling us that we should
punish our users with a more complicated UX because we decided to
provide them with more freedom.

I may sound pissed and I am: Twitter was build on top of open source
apps (like Rails and now Cassandra) and basically you guys are
slapping every other open source application that use your APIs in the

Julio Biason <julio.bia...@gmail.com>
Twitter: http://twitter.com/juliobiason

Reply via email to