Twitter.com Impossible Secure Session

It is impossible to maintain a secure session with Twitter, for multiple reasons. Additionally, once a session has been hijacked, it is possible for the attacker to maintain control over the account (not just the session) indefinitely, unless the user changes their password. This is because the session cookie has the same lifetime as the password.

You can download this advisory from the following link: https://packetstormsecurity.com/files/download/89044/2010-001-twitter.txt

Source: https://packetstormsecurity.com/files/89044/Twitter.com-Impossible-Secure-Session.html
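The session-lifetime problem summarised above can be modelled in a few lines. This is an added example, not code from the advisory or from Twitter: `PasswordBoundSessions` is a constructed model of a cookie that stays valid until the password changes, `ServerSideSessions` is one common mitigation (random token with server-side expiry and revocation), and all names, the 30-minute TTL and the 90-day interval are assumptions.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)  # constructed server secret for the demo

class PasswordBoundSessions:
    """Weak model (assumed): the cookie is valid until the password changes."""
    def __init__(self):
        self.pw_version = {}
    def set_password(self, user):
        self.pw_version[user] = self.pw_version.get(user, 0) + 1
    def login(self, user):
        msg = f"{user}:{self.pw_version[user]}".encode()
        return user + ":" + hmac.new(KEY, msg, hashlib.sha256).hexdigest()
    def logout(self, token):
        pass  # nothing server-side to revoke; the browser merely drops the cookie
    def valid(self, token, now):
        user = token.split(":", 1)[0]
        return user in self.pw_version and hmac.compare_digest(token, self.login(user))

class ServerSideSessions:
    """Hardened model: random token, server-side expiry and revocation."""
    def __init__(self, ttl=1800):
        self.ttl, self.sessions = ttl, {}
    def login(self, user, now):
        token = secrets.token_urlsafe(32)
        self.sessions[token] = (user, now + self.ttl)
        return token
    def logout(self, token):
        self.sessions.pop(token, None)
    def valid(self, token, now):
        entry = self.sessions.get(token)
        return entry is not None and now < entry[1]

def compare(now=0, later=90 * 24 * 3600):
    """Replay a copied cookie after logout, after 90 days, after a password change."""
    weak, strong = PasswordBoundSessions(), ServerSideSessions()
    weak.set_password("alice")
    w, s = weak.login("alice"), strong.login("alice", now)
    weak.logout(w)
    strong.logout(s)
    after_logout = (weak.valid(w, now), strong.valid(s, now))
    s2 = strong.login("alice", now)  # fresh session, never logged out
    after_90_days = (weak.valid(w, later), strong.valid(s2, later))
    weak.set_password("alice")  # the only event that ends the weak session
    return after_logout, after_90_days, weak.valid(w, later)

if __name__ == "__main__":
    print(compare())
```

Each tuple is (weak model, hardened model): the password-bound cookie still validates after logout and after 90 days, and only the password change invalidates it.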
