I'm trying to define a minimum viable product that I can *sell*. Nothing I've seen in this thread so far has convinced me that a desktop application accessing Twitter is viable, with or without oAuth. "Without oAuth" isn't viable because it's deprecated by Twitter, and "with oAuth" isn't viable because it's *easy* to compromise. Sure, a server *can* be compromised, but it's a lot harder. On a server, I can control the choice of the entire stack - hardware, OS, application framework, DBMS, etc. I may not be able to prevent a DOS attack, but I can keep that away from Twitter - I can't control how users interact with Twitter using a compromised desktop app.
There must be some other developers on this list - does *anybody* who develops Twitter apps for a living want to chime in and tell me I'm full of hot air here - that there *is* a way to develop and deploy a viable secure desktop Twitter app? > You guys are all freaking out about this when this is how the internet > works. Just look at email. With a single line of PHP I can send any of you > an email from any email address.* > > Abraham > > *There technologies to stop this but very few mail servers use them. > Currently Gmail refuses email from paypal.com unless it is signed by their > key. This is how the Internet works *now* - with 90 percent of the desktops running Windows, many of those not up to date on Windows Updates or virus scanner code and virus definitions, botnets controlling millions of PCs, the government of China exploiting holes in IE 6, bloggers calling openly for iPhone users to mount a DDOS against AT&T, GMail peeking at the content of my emails to suggest commercial products that I might happen to consider competitors, and Facebook selling your private data to scammers and spammers. There may be a thousand and one ways to get hurt on the Internet, but I'm not interested in deploying the 1002nd. That could all change with ChromeOS netbooks. I can dream. ;-) -- M. Edward (Ed) Borasky http://borasky-research.net/smart-at-znmeb "A mathematician is a device for turning coffee into theorems." ~ Paul Erdős
