This is one area where iOS stands head and shoulders above Android. I used to run Cyanogenmod and I remember deciding to not upgrade the Facebook app because doing so would have required giving it a slew of permissions, including the ability to "directly call phone numbers".
By contrast, in iOS, I can choose which apps have access to my location, contacts, etc.
I know that Apple's track record when it comes to privacy isn't exactly spotless but Google would be well advised to follow their lead in allowing users granular control over 3rd-party apps' permissions.
Do not expect Google to implement it anytime soon, due to the massive app breakage potential.
Android's permission system looks good on the surface. However, there are so many required permissons nowadays that many users do not even check them anymore. And you can revoke specific permissions on an app by app basis.
On iOS, developers are told not to rely on certain permissions being available, such as location. Some apps truly can't function without those, but they are supposed to warn the user, not crash.
Do not expect Google to implement it anytime soon, due to the massive app breakage potential.
I run AppOps 4.3/4.4 rooted (so I use the "App Ops X" version internally), and I must say, I've restricted most of my non-system apps and I've never seen a single broken app.
I think this potential is vastly overblown.
EDIT: for example, in the official twitter app, I turn off these:
There is almost zero app breakage potential. Because the implementation shouldn't be refusing permissions, it should simply be mocking them. Ask for a location? Mock it to an arbitrary location. Asking for contacts? Return an empty list, or a list with joe.smith@example.org. Etc.
AFAIK, AppOps doesn't do this, it throws a java exception when the app code attempts to use a permission that has been disabled. Depending on how the code is structured, you may or may not have your app break/crash.
This is somewhere where android fragmentation is truly an issue. iOS didn't have granular switchable permissions a couple of versions ago but as the OS moved forward so did the apps.
CyanogenMod has this killer feature called Privacy Guard which you can enable on a per-app basis. It allows you to use the app and lock it out of unwanted permissions without breaking the app functionality.
BlackBerry actually gave completely granular permission controls for every app you install, as far back as five years ago. It's a shame that neither iOS or Android have come anywhere close in that regard.
By contrast, in iOS, I can choose which apps have access to my location, contacts, etc.
Could you detail the "etc"? To my knowledge historically the only activity that triggered a permission confirmation was a precise location fix. Later, after a debacle with many apps siphoning and scurrilously offloading contact lists, contact access was added as a confirmation.
Android has very granular permissions, and iOS does not. If you don't like the requests of an app, the general option is not to install it. Such is exactly what I've done with a number of small vendor apps -- if you demand anything that you don't need, I don't install.
Of course on the flip side Android, be design, allows for much tighter integration and leveraging between apps and the OS, so there are more interesting opportunities, both for good and bad. But those, too, are covered under permissions.
In iOS7 you can granularly allow/disallow apps access to: location services, contacts, calendars, reminders, photos, bluetooth sharing, microphone, motion activity (iPhone 5S and new iPads only)
The first time an app tries to access any of the above you will be asked whether to grant it permission or not. You can then edit this preferences in Settings.app > Privacy
I think benefit of iOS privacy controls is that you can still install the app, then simply deny it access to data. Android asks you for _all_ permissions up front: allow access or you don't get the app. See: recent flashlight app fiasco.
I absolutely agree with this. It was very shortsighted that apps weren't, from day one, warned that certain permission types are optional. And it's a mistake with every version of the SDK that they don't add the ability for apps to set permissions as such. Instead it continues that apps work on the notion that if they are running, they must have the permission, when just a few null/error checks would save the day.
Looking at the Settings area on my phone, it is possible in iOS 6 to set App-level permissions for:
-Push Notifications
-Location Services
-Contacts
-Calendars
-Reminders
-Photos
-Bluetooth
-Twitter Account Access
-Facebook Account Access.
Note that iOS7 may have added more.
My only complaint is iOS apps know if the permission is denied, so every time you switch to them they can ask you to enable permissions which is annoying (Facebook messenger). I wish they just returned no data.
That might work for contacts, but what does it mean to "return no data" for location services or bluetooth? In those cases isn't "no data" indistinguishable from "disallowed permission"?
Android's permissions are not granular enough and forcing the user to accept them all or not use the app is a security/privacy fail. I love that Android apps can access the telephony API but the permissions for that need to be more fine grained and the toggles to enable them need to be discreet over individual permissions.
Discreet toggles and the request dialogs are roughly the only thing I prefer iOS to Android on. Too bad the rest of iOS is a prison.
By contrast, in iOS, I can choose which apps have access to my location, contacts, etc.
I know that Apple's track record when it comes to privacy isn't exactly spotless but Google would be well advised to follow their lead in allowing users granular control over 3rd-party apps' permissions.