Saying that if you ignore the law then it is legal is not a useful point.
Even if the tweets are public that doesn't mean you can steal an authorization token to use an API to query for them. If you hacked into so server and downloaded /usr/bin/bash you still accessed data you were not authorized to even though it was a public binary.
Twitter's terms of service makes it clear that you aren't allowed to reverse engineer the android app to take its token and start scraping twitter.
Even if the tweets are public that doesn't mean you can steal an authorization token to use an API to query for them. If you hacked into so server and downloaded /usr/bin/bash you still accessed data you were not authorized to even though it was a public binary.
Twitter's terms of service makes it clear that you aren't allowed to reverse engineer the android app to take its token and start scraping twitter.