Twitter recently transitioned to OAuth, but the social network's implementation of the new authentication system has some serious flaws. Ars shows how easy it was to compromise the secret key of Twitter's own official client application for Android.
S. Pujari, A. Hadgu, E. Lex, and R. Jäschke. Proceedings of the 15th International Conference on Knowledge Technologies and Data-driven Business, New York, NY, USA, ACM, (2015)
F. Kooti, N. Hodas, and K. Lerman. Proceedings of the eighth International AAAI Conference on Weblogs and Social Media, page 266--274. AAAI, AAAI Press, (June 2014)
X. Wen, Y. Lin, C. Trattner, and D. Parra. Proceedings of the 25th ACM Conference on Hypertext and Social Media, page 285--290. New York, NY, USA, ACM, (2014)
M. Tsagkias, M. de Rijke, and W. Weerkamp. Proceedings of the Fourth ACM International Conference on Web Search and Data Mining, page 565--574. New York, NY, USA, ACM, (2011)
S. Wu, J. Hofman, W. Mason, and D. Watts. Proceedings of the 20th International Conference on World Wide Web, page 705--714. New York, NY, USA, ACM, (2011)
E. Bakshy, J. Hofman, W. Mason, and D. Watts. Proceedings of the Fourth ACM International Conference on Web Search and Data Mining, page 65--74. New York, NY, USA, ACM, (2011)