
The changes will purportedly be made to "deliver a consistent Twitter experience" and to prevent malicious use of the API, and will include:
- the requirement for every request to the API to be authenticated via OAuth
- new per-endpoint rate limiting on the API, which will allow 60 calls per hour per endpoint for most individual API endpoints, and up to 720 calls per hour for high-volume endpoints related to Tweet display, profile display, user lookup and user search
- Tweet Display Guidelines have now become Display Requirements, and will also be introduced for mobile applications
- pre-installed client applications will have to be certified by Twitter
- developers building a Twitter client application that accesses the home timeline, account settings or direct messages API endpoints, or that uses Twitter's User Streams product, will need Twitter's permission if their application will require more than 100,000 individual user tokens. Developers of apps that already use those endpoints and are currently over those token limits will be able to maintain their application and add new users until they reach 200% of their current user token count. "Once you reach 200% of your current user token count, you'll be able to maintain your application to serve your users, but you will not be able to add additional users without our permission," says Michael Sippey, Twitter’s Director of Consumer Products.
Many developers have already piped up to point out that Twitter has basically set up a lot of new rules, the breaking of which almost always results in the revocation of their application key.
As Instagram creator Marco Arment has pointed out in a blog post, Twitter has left themselves a lot of wiggle-room with the rules.
"Effectively, Twitter can decide your app is breaking a (potentially vague) rule at any time, or they can add a new rule that your app inadvertently breaks, and revoke your API access at any time. Of course, they’ve always had this power. But now we know that they’ll use it in ways that we really don’t agree with."







