If you have root you can still enable it with market apps.[0][1]
However something like this needs to be integrated tightly like iOS and apps need to be aware they may not receive requested permissions. I still use App Ops in Kit Kat and it silently breaks apps all the time. Apps expect to be able request information (e.g. contact details) and crash or stall when they can't.
In that respect, LBE Privacy Guard[2] was a much better alternative up to ICS. It was a privacy firewall that would pop up notifications when protected permissions were being used for the first time. Instead of blocking apps when denied, Privacy Guard would feed it blank data instead. This lead to a better UX and stopped blocked apps crashing.
There needs to be an open source version of LBE Privacy Guard since the current one hasn't been updated over a year and is closed source from a Chinese company.
I think the article is a tad misleading here, and I think your first link is going to add to the confusion.
The ability to revoke permissions was built right into the System Settings app, but the ability to access it was hidden from view. Custom roms would usually add a link to it, and apps like AppOps by ColorTiger (your first link) was simply a pointer that would trigger that view to activate (I'm glossing over the root functionality here).
What Google did in 4.4.2 was remove the hidden view from settings. This means that apps like ColorTiger's AppOps will no longer work at all- there is nothing for it to call. The pointer has been dereferenced, if you will.
Apps like LBE (which I share your desire for a newly updated, open source version which doesn't cause bootloops on newer versions of Android), PDroid, and presumably XPrivacy (which I've never heard of, but am looking into now for the inevitable upgrade to 4.4.2 if OmniRom is unable to provide a new solution) work because they replace the functionality that Google removed, not just call something built into Android, but hidden.
Color Tiger dev here - actually with our version and root access you can install a recompiled version of AppOps with a few extended features as well - rebranded as AppOps X
You don't need root for that first app! I've been using it just fine without root. The description tells you what extra features you get with root, but you can handle the privacy issue without.
It has some rough edges like asking me to check permissions after every (auto)update, even if app hadn't requested any new permissions, but allows relatively fine-grained (API function-name-level) permission control. Root permissions are only required to install Xposed, after Dalvik's runtime's hooked no root's required.
Oh, and "pro" features are useless (you can just build your own version from GitHub sources to enable export, and sharing is completely awkward without any UI to see what happened), but I still donated. Disclaimer: I have no affiliation to this project other than using it on my phone.
xprivacy does the same thing, and seems to be actively developed. The only problem is that it has an atrocious UX, but again, that seems to be on par for most android utils.
There is an opensource privacy guard built into cyanogenmod. I just installed the latest nightly CM 11 on my phone (built off of latest android 4.4.2 kitkat), and was pleased to see textsecure integrated as the default SMS as well. Thankfully the CM community cares about things such as privacy...can't trust the big corporate behemoth google.
although i think this might also be working in kitkat. what i can recommend to users though is to use pdroid if they wish to do so. so you could use lbe for all apps. and pdroid for lbe itself. a lot of jelly bean custom roms support openpdroid. i personally use cyankang
However something like this needs to be integrated tightly like iOS and apps need to be aware they may not receive requested permissions. I still use App Ops in Kit Kat and it silently breaks apps all the time. Apps expect to be able request information (e.g. contact details) and crash or stall when they can't.
In that respect, LBE Privacy Guard[2] was a much better alternative up to ICS. It was a privacy firewall that would pop up notifications when protected permissions were being used for the first time. Instead of blocking apps when denied, Privacy Guard would feed it blank data instead. This lead to a better UX and stopped blocked apps crashing.
There needs to be an open source version of LBE Privacy Guard since the current one hasn't been updated over a year and is closed source from a Chinese company.
[0]: https://play.google.com/store/apps/details?id=com.colortiger...
[1]: https://play.google.com/store/apps/details?id=biz.bokhorst.x...
[2]: DO NOT INSTALL, FORCES REBOOT LOOP
https://play.google.com/store/apps/details?id=com.lbe.securi...