Twitter should disable everything except registration through the web interface. If it is not a script injection vulnerability, it is a 404 error returned for the CSS file resulting in a linear layout, or the web interface not loading at all. The API on the other hand is usually up (and by extension so are third party apps.) If they focus their attention on supporting the API they could charge app developers a fee, which many would happily pay since they would be the exclusive interfaces used for Twitter (since the web interface would be gone) and they could build ads, charge for app use, and provide customized extended Twitter functionality.

I am completely half serious on this.