Fun Fact: You can get the API secret key out of twitter's official client. Which will allow you to use their xauth system (no browser oauth required - only enter username/password).
Also great for spambots: Twitter can't ban the app because then they had to ban their official Twitter clients.
You should try to extract the ones from iOS 5. They're hardcoded in Twitter.framework (simulator versions as well) and can be extracted with the simple "strings" tool. I'm not going to post them here though.
I guess you should take great care to use the exact same HTTP headers (user-agent, accept, encoding etc) and pattern of API access as the corresponding apps, or they'll surely be able to detect anomalies and ban your account :)
Also great for spambots: Twitter can't ban the app because then they had to ban their official Twitter clients.
/edit: have fun
One is for tweetie 1.0 and the other is for the official twitter client.