How to store a secret API key in an application's binary?

Question

I am creating a Twitter client for Mac OS X and I have a Consumer secret. It\'s to my understanding I should not share this secret key. The problem is that

Answer 1

A really late answer...

If you setup your own server, you can use it for helping you desktop app getting authorized by users on twitter without sharing (i.e.: embedding) your secret key.

You can use this approach:

When a user installs you desktop app she must register it with twitter and with your server *) *) The app asks the server to generate the token request URL *) The server sends the generated URL to the app *) The app directs the user to the authorize URL *) The user authorizes your app on twitter and pastes the generated PIN into it *) Using the PIN you app grabs the token *) All further communication uses the token and does not involve your server

Note: the app logs to your server using the user credentials (e.g.: id and password) for your server.