I think this is a sensationalist blog post vastly exaggerated just to get noticed. It's not a flaw in oauth. If anything just a questionable design decision by Twitter. Oauth is NOT any less secure people! I'd much much rather join a "Twitter site" by oauth than by giving them my password.