Hi Tom,

thanks for response...yeah it's true, monitoring all traffic you can
verify many application's behaviors , but not all ( e.g. interaction
with the o.s. )..But if there's no else way I'll distribute the source
with hidden passwords and the release explaining why passwords are not

Thanks a lot,


On Sep 6, 3:41 pm, Tom van der Woerdt <i...@tvdw.eu> wrote:
> On 9/6/10 3:03 PM, Andrea Stagi wrote:
> > I'm developing a software under gpl, a simple twitter client for GNU/
> > Linux
> > systems...This software uses some private keys for oAuth
> > authentication that no one must know..My idea is to distribute the
> > source without keys (or filled by only 'X' character) and the relative
> > executable file...But it seems not so correct to me...There's no
> > certainty that my executable works as the source as the code
> > shows...How can I do??
> > Thanks in advance,
> > Best regards!
> Everyone asks that, nobody can answer it, because there is no real
> solution for the issue.
> Just put the keys in the executable but not in the source. Really, it's
> your only option. Well, actually that's not true, because you can also
> simply proxy all traffic via a server, but that's not ideal.
> Tom

Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 

Reply via email to