Official client consumer keys that can circumvent Twitter API rate limits


By AlicePopkorn

Under API 1.1, in effect after March 5, the number of API calls allowed per 15 minutes is far more restricted than before, but Twitter's official clients remain as usable as before and are not so strictly limited. Does that mean you can avoid the limits by pretending to be an official client? With that in mind, the consumer keys of the official clients have been published.

Overseas, this is being treated as "the API keys were leaked", and it has been covered as follows.

Twitter OAuth API Keys Leaked | threatpost
http://threatpost.com/en_us/blogs/twitter-oauth-api-keys-leaked-030713


The following page actually lists the keys of the official clients.

Consumer keys of official Twitter clients
https://gist.github.com/re4k/3878505


The keys for "Twitter for iPhone", "Twitter for Android", "Twitter for Google TV", "Twitter for iPad", "Twitter for Mac", "Twitter for Windows Phone" and "TweetDeck" have been posted.

To begin with, the biggest differences between the API before March 5 and API 1.1, which took effect after March 5, are as follows.

About twitterAPI 1.1 | Notepad-like blog

Twitter API 1:

· One account can use the API 350 times per hour (for example, each time TL information is fetched, one API call is consumed).
· When multiple clients are used with one account, the 350 calls per hour are shared among those clients.

Twitter API 1.1:

· One client registered with one account can call each API 15 times per 15 minutes (180 times for APIs that are expected to be used frequently).


For example, in the past the TL could be fetched 350 times per hour, or about 5.8 times per minute, but under API 1.1 it is 15 times per 15 minutes, that is, once per minute, about one-fifth of the previous rate. This is inconvenient for people who use Twitter above a certain frequency, that is, people who use Twitter actively.

Under these circumstances, the official clients also use API 1.1, but they are given preferential treatment as follows.

◆ Number of times the official Twitter clients can use API 1.1 in 15 minutes
· Main TL acquisition: 180 times
· Mentions acquisition: 60 times
· DM acquisition: 60 times
· List acquisition: 300 times
· Search: 180 times

◆ Number of times non-official clients can use API 1.1 in 15 minutes
· Main TL acquisition: 15 times (only one-twelfth of the official)
· Mentions acquisition: 15 times (only one quarter of the official)
· DM acquisition: 15 times (only one quarter of the official)
· List acquisition: 180 times
· Search: 180 times (same as official)

In other words, if you pretend to be an official Twitter client, the limits can be avoided to a dramatic degree.

There are applications that can actually do this; it has been verified on the following page and found to work at the moment.
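The per-client quotas listed above can be modelled server-side as a fixed-window counter keyed by account, consumer key and endpoint. This is an added example, not Twitter's code and not part of the original article; the endpoint names, the fixed-window scheme and the placeholder key strings are assumptions. It shows that the quota tier is selected only by the consumer key a request presents, a value that ships inside every installed copy of the client.

```python
WINDOW = 15 * 60  # seconds in one rate-limit window

# Calls allowed per 15-minute window, taken from the article's two lists.
# Endpoint names are illustrative labels, not real API paths.
OFFICIAL = {"home_timeline": 180, "mentions": 60, "dm": 60, "lists": 300, "search": 180}
THIRD_PARTY = {"home_timeline": 15, "mentions": 15, "dm": 15, "lists": 180, "search": 180}


class QuotaTable:
    """Fixed-window limiter: one counter per (account, consumer key, endpoint)."""

    def __init__(self, official_keys):
        self.official_keys = set(official_keys)
        self.windows = {}  # slot -> (window_start, calls_used)

    def limit_for(self, consumer_key, endpoint):
        # The only input to the tier decision is the presented consumer key.
        # The server has no other signal that the caller is the genuine app.
        tier = OFFICIAL if consumer_key in self.official_keys else THIRD_PARTY
        return tier[endpoint]

    def allow(self, account, consumer_key, endpoint, now):
        slot = (account, consumer_key, endpoint)
        start, used = self.windows.get(slot, (now, 0))
        if now - start >= WINDOW:  # window expired: start a fresh one
            start, used = now, 0
        if used >= self.limit_for(consumer_key, endpoint):
            self.windows[slot] = (start, used)
            return False
        self.windows[slot] = (start, used + 1)
        return True


def calls_served(table, account, consumer_key, endpoint, attempts, start=0, step=4):
    """Count how many of `attempts` requests, one every `step` seconds, are allowed."""
    return sum(table.allow(account, consumer_key, endpoint, start + i * step)
               for i in range(attempts))


if __name__ == "__main__":
    # Constructed placeholder keys; no real consumer key appears here.
    table = QuotaTable({"OFFICIAL-KEY-PLACEHOLDER"})
    for key in ("THIRD-PARTY-KEY-PLACEHOLDER", "OFFICIAL-KEY-PLACEHOLDER"):
        served = calls_served(table, "alice", key, "home_timeline", attempts=200)
        print(f"{key}: {served} of 200 timeline requests served in one window")
```

Because the counter is per consumer key, a limiter built this way cannot tell the genuine application from any other software presenting the same embedded key, which is why an embedded client credential is a weak basis for a privilege tier.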

Together alone » Twitter API v1.1 Trial at "Neko Tsui" to Survive the Age
http://hitoriblog.com/?p=15560


If Twitter changes the keys of the official clients, every official client currently installed will stop working, so Twitter cannot respond immediately. Moreover, because even an official client has to embed this key in the application in order to use the API, under present conditions the key is sure to leak again even after an update.

The API prior to 1.1 can still be used at present, but to show what happens when the previous API suddenly becomes unavailable and only 1.1 can be used, "blackout tests" are to be carried out from time to time, and APIs other than 1.1 will be completely disabled in 2013.

in Software, Web Service, Posted by darkhorse