Bernd, totally. In answer to the OP, I was referring to the traditional server-based app.

These may one day constitute a numeric minority of apps, but will probably remain an important use case for some time to come. Really, all bets are off when you talk about theft of the device. When there is a risk of theft, a device (phone, car, etc.) needs to be disabled, turned off, etc. That criminal Alice publishing Bob's token, credit card details or other compromising information would be bad for Bob, I'll grant you that.

On Sep 3, 8:43 pm, Bernd Stramm <bernd.str...@gmail.com> wrote:
> On Fri, 3 Sep 2010 11:29:22 -0700 (PDT)
> Ken <k...@cimas.ch> wrote:
>
> > What is the risk of storing a token? It can't be used outside your
> > app.
>
> The token being confined to use "within" an app is very insecure when
> the app runs on an end-user device. There soon will be a billion smart
> phones, and many of those will run twitter apps.
>
> Then suppose user Alice finds out user Bob's token (perhaps by
> borrowing or stealing a phone), and publishes it.
>
> User Bob now has no way to retire the token, short of disabling the app
> that runs on millions of phones. Or Bob can get a new twitter user name.
>
> That's not what is normally called security.
>
> OAuth as currently done with twitter only works when the "app" runs on
> a small number of secure servers.
> --
> Bernd Stramm
> bernd.str...@gmail.com

--
Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: http://groups.google.com/group/twitter-development-talk?hl=en
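The thread turns on one mechanical fact about OAuth 1.0a as Twitter used it: a signed request is produced from four strings (consumer key and secret, token and token secret), and the service only ever checks the signature, so it cannot tell "the app" on Bob's phone from a copy of those strings on Alice's laptop. The following is an added, self-contained illustration written for this page, not code from either poster or from Twitter. The credential values, the endpoint URL and the in-memory token store are all constructed for the example; the signing itself follows RFC 5849 (percent-encoding, parameter normalization, HMAC-SHA1 over the signature base string).

```python
"""
OAuth 1.0a HMAC-SHA1 signing and server-side verification (RFC 5849).

Added example. Shows that whoever holds the consumer key/secret and a
user's token/secret can sign requests that verify as that user; nothing
in the protocol binds the token to a particular device or app instance.
All credentials, URLs and requests below are constructed, not real.
"""
import base64
import hashlib
import hmac
import secrets
import time
from urllib.parse import quote, urlsplit

# Constructed credentials. In a phone app the consumer secret ships
# inside the binary and the token pair is stored after the user logs in.
CONSUMER_KEY = "dpf43f3p2l4k3l03"
CONSUMER_SECRET = "kd94hf93k423kf44"
BOB_TOKEN = "nnch734d00sl2jdk"
BOB_TOKEN_SECRET = "pfkkdhi9sl3r4s00"


def pct(s):
    # RFC 5849 s3.6: only unreserved characters left bare, uppercase hex.
    return quote(str(s), safe="-._~")


def signature_base_string(method, url, params):
    # RFC 5849 s3.4.1.1: METHOD & base URI & normalized parameters.
    # (Query-string parameters would also belong in `params`; none here.)
    parts = urlsplit(url)
    base_url = f"{parts.scheme.lower()}://{parts.netloc.lower()}{parts.path}"
    # s3.4.1.3.2: encode key and value, sort by key then value, join with &.
    encoded = sorted((pct(k), pct(v)) for k, v in params)
    normalized = "&".join(f"{k}={v}" for k, v in encoded)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])


def hmac_sha1_signature(base_string, consumer_secret, token_secret):
    # s3.4.2: key is enc(consumer_secret) "&" enc(token_secret).
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base_string.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def sign_request(method, url, body_params, consumer_key, consumer_secret,
                 token, token_secret, nonce=None, timestamp=None):
    """Client side: build the oauth_* parameters for one request."""
    oauth = [
        ("oauth_consumer_key", consumer_key),
        ("oauth_token", token),
        ("oauth_signature_method", "HMAC-SHA1"),
        ("oauth_timestamp", str(timestamp or int(time.time()))),
        ("oauth_nonce", nonce or secrets.token_hex(8)),
        ("oauth_version", "1.0"),
    ]
    base = signature_base_string(method, url, oauth + list(body_params))
    sig = hmac_sha1_signature(base, consumer_secret, token_secret)
    return dict(oauth + [("oauth_signature", sig)])


# Server side (constructed): token -> its secret and owning user.
TOKEN_STORE = {BOB_TOKEN: {"secret": BOB_TOKEN_SECRET, "user": "bob"}}


def verify_request(method, url, body_params, oauth_params):
    """Recompute the signature from stored secrets; return the user or None."""
    record = TOKEN_STORE.get(oauth_params.get("oauth_token"))
    if record is None or oauth_params.get("oauth_consumer_key") != CONSUMER_KEY:
        return None
    signed = [(k, v) for k, v in oauth_params.items() if k != "oauth_signature"]
    base = signature_base_string(method, url, signed + list(body_params))
    expected = hmac_sha1_signature(base, CONSUMER_SECRET, record["secret"])
    if hmac.compare_digest(expected, oauth_params.get("oauth_signature", "")):
        return record["user"]
    return None


def demo():
    """Alice copied Bob's four strings off his phone and signs elsewhere."""
    url = "https://api.twitter.com/1/statuses/update.json"  # constructed
    body = [("status", "posted by alice with bob's token")]
    hdr = sign_request("POST", url, body, CONSUMER_KEY, CONSUMER_SECRET,
                       BOB_TOKEN, BOB_TOKEN_SECRET)
    accepted_as = verify_request("POST", url, body, hdr)      # "bob"
    # Changing the body after signing breaks the signature.
    tampered = verify_request("POST", url, [("status", "x")], hdr)  # None
    # Without Bob's token secret the signature does not verify.
    guess = sign_request("POST", url, body, CONSUMER_KEY, CONSUMER_SECRET,
                         BOB_TOKEN, "not-bobs-secret")
    wrong_secret = verify_request("POST", url, body, guess)    # None
    return accepted_as, tampered, wrong_secret


if __name__ == "__main__":
    print(demo())
```

The point the code makes is the one Bernd is making: `verify_request` has no input that identifies the device, so the server's acceptance depends entirely on the secrets, and the "app" boundary Ken describes is not something the protocol can enforce once the secrets are on hardware the attacker holds.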