[twitter-dev] Re: Privacy issues with the proposed annotations feature
Brian, not to ignore privacy issues but just to simplify the situation a bit ... What currently protects a user from a malicious (desktop) application stealing all kinds of user data via submitting tweets through it's proxy? And even by submitting such information directly to it's website? On Apr 19, 2:03 am, Raffi Krikorian ra...@twitter.com wrote: Right now the web UI exposes every piece of metadata in a tweet to end-users. That is, an end-user can use twitter.com to check the complete contents of tweet sent by an application. I didn’t see anything in the proposals regarding the annotation feature that says that users will be able to see all the annotations through the web UI. And, even if they could see them, chances are they couldn’t understand them. And, even if end-users could understand them, applications will be able to use encryption and other obfuscation to make them impossible to interpret. This reduces the amount of control users have over their tweets. this wasn't always true -- there was a period where the web client showed no geo information at all. geo was an API only feature. at current time, it is still a bit unknown how the twitter.com webclient will utilize annotations (just like its unknown how the ecosystem will utilize annotations). I think there must be some kind of control mechanism in place for annotations, or the web UI must present all the annotations of a user’s tweets to that user, or both, in order to prevent the annotations feature from becoming a side channel for applications to communicate users’ private information without users’ knowledge or consent. I would like to know more about how this is going to be done. at this point, we're not planning to have any elaborate control mechanisms over annotations, however, your point of being able to use twitter.com as a debugging interface is an interesting one. -- Raffi Krikorian Twitter Platform Teamhttp://twitter.com/raffi -- Subscription settings:http://groups.google.com/group/twitter-development-talk/subscribe?hl=en
[twitter-dev] Re: Introduce yourself!
Hi, I'm Alex. London-based. Currently working on a conversation tracking application. My tools are .Net specific, thanks Mayo for LinqToTwitter library! Thanks to all of you for providing great advice! On Feb 21, 11:03 pm, Anton Krasovsky anton.krasov...@gmail.com wrote: Hi Guys, @ak1394 Anton Krasovsky, Dublin, Ireland. Author of PavoMe (twitter client for java mobiles). I've been working with twitter for about half a year, and my efforts are split between working on client application and backend server (which handles all communication between handset and Twitter servers, and is written in Erlang). So far the only twitter opensource released by me was an Erlang client library. I don't think anyone except me actually uses it. I'm looking forward to see xAuth avaiable - few users in China will appreciate not having to struggle with GFW to get their oauth tokens. http://github.com/ak1394/twerl http://pavo.me Regards, Anton On Fri, Feb 19, 2010 at 8:20 PM, Abraham Williams 4bra...@gmail.com wrote: We have not had an introductions thread in a long time (or ever that I could find) so I'm starting one. Don't forget to add an answer to the tools thread [1](Gmail link [2]) as well. I'm Abraham Williams, I've been working with the Twitter API and this group since early 2008. I do mostly freelance Drupal and Twitter API integration and personal projects. I love seeing the creative projects developers build or integrate with the API and look forward to meeting many of you at Chirp. TwitterOAuth [3] the first PHP library to support OAuth is built and maintained by me, and will hopefully see a new release soon. I also built a fun Chrome extension [4] that integrates common friends and followers into Twitter profiles. The feature I would most like added to the API is a conversation method to get replies to a specific status. So. Who are you, what do you do, what have you built, and what feature do you most want to see added? @Abraham [1] http://groups.google.com/group/twitter-development-talk/browse_thread... [2] https://mail.google.com/mail/#inbox/12680cd0fa59011e [3] https://chrome.google.com/extensions/detail/npdjhmblakdjfnnajeomfbogo... [4] http://code.google.com/p/twitter-api/issues/detail?id=142 -- Abraham Williams | Community Advocate |http://abrah.am Project | Out Loud |http://outloud.labs.poseurtech.com This email is: [ ] shareable [x] ask first [ ] private. Sent from Seattle, WA, United States
[twitter-dev] Re: The XML for user settings would be helpful
Dmitri, I believe such request still counts against your usage limit. Just to remember to stay within the boundaries :) On Feb 18, 10:15 pm, Dmitri Snytkine d.snytk...@gmail.com wrote: Sorry to bother you, but I found out that this feature is already available Turns out I can easily get user's profile as json or xml without using oAuth or API Very simple, like this: http://api.twitter.com/1/users/show/MythBusters.json This is just great! On Feb 18, 3:36 pm, Dmitri Snytkine d.snytk...@gmail.com wrote: I just though of something that would be very helpful to developers: what if there was a url to get xml or json of user's profile, background image, color settings and avatar. I mean similar to regular RSS feed, only for the current user's settings. This way we don't even need to use API if we want to generate a page that looks like user's own twitter page. And because it would be static files, they could be served from Twitter very fast and make use last-modified and etag headers. Currently if I want to style a page to mimin user's twitter page, I have to access thehttps://twitter.com/account/verify_credentials.json and for that I have to use oAuth call. But this is an overkill. Why do I even need to have user's token and secret just to get his latest profile that is basically available on his twitter page, I just don't want to to and scrape it from the actual twitter page. Why not give us the url to get these settings as json or xml the same way we can get the RSS for user's latest messages without having to use API
[twitter-dev] Re: OAuth maintaining tokens?
The way I did it for my website is to store the tokens in a db and put a custom persisting cookie on the user's browser. The user can 'sign- off' removing the cookie and will have to authenticate with Twitter next time she uses the protected functionality on my website. Or the cookie can expire/be deleted locally. But if the cookie remains intact user will be singed-in automatically. I think this approach is quite secure and still convenient to all parties involved. Alex On Feb 11, 4:53 pm, John Meyer john.l.me...@gmail.com wrote: On 2/11/2010 9:30 AM, Paul wrote: My question at last is then, what are good practices for the 3rd party site? Should the site request the user to reauthorize with Twitter each every time he/she comes to the site? Should the 3rd party site have it's own login/username/password for users and store the token in a database? Should it offer to store the token as a cookie on the user's computer? Different strokes for different folks. Whatever you do, make it clear what your site is doing to the user If you want to store a username/password for your own site and then store that authentication information in a MySQL database, tell them that. And explain to them that they can revoke authentication at anytime through the Twitter website.
[twitter-dev] Re: Looking for someone to help wiith oauth
Also check out LinqToTwitter, it includes a sample web application in C# On Feb 10, 10:33 pm, John Meyer john.l.me...@gmail.com wrote: On 2/10/2010 7:48 AM, Merrows wrote: I am seeking someone skilled in .NET 3.5, C# to help with implementing twitter oauth, and I would welcome any suggestions of how to find someone. TwitterVB implemetns oAuth and can be used with any .NET compliant language: http://twittervb.codeplex.com
