I know it's not answering your actual point, but I'll answer your specific questions. No, it can't record audio, or make phone calls on your behalf -- both require specific permissions that aren't listed here. It can't access your contacts at all, either, as that requires a specific permission.
Pictures are stored on the SD card, so the app could read all your pictures, upload them, then delete them. Newer devices have more internal storage, so hopefully applications will gradually move away from using this permission. Apparently, the next version of Android will introduce a new permission for reading the SD card too -- at present, any application may read from the SD card.
"Read[ing] all my personal data" depends on what you count as personal data -- security-sensitive info should not be on the SD card (things like phone number (although the phone state and identity permission gives access to this), contacts, account details), but anything that is on the SD card may be read by any application. That means pictures and music, at least.
I wonder if it might be useful to always list all of the common permissions, to make it easier to see which ones an application doesn't have. I've installed enough Android apps to have a reasonable idea of what's available (and by extension, what any given app can't do) but it's reasonable to assume I'm in a small minority.
Why not just do the same thing we have been using for years, /tmp. If the program just needs scratch space why do we deem it proper to allow any app to traverse an entire partition so it can set down a couple of files?
Thanks for the info. I agree that knowing what an app can't do would be very useful.
And I think there should be a notion of "secure/private/encrypted storage". So when I tell an app to store some item there, I can be absolutely certain that no other app will ever be able to access it, regardless of any permissions.
Every app has its own protected storage space, but that's historically often been quite restricted in size. This is where things like SQLite databases are usually stored. It's also (pretty much by definition) not accessible using a file manager and it's much more difficult to share data from it, so it's not appropriate for music or pictures.
Pictures are stored on the SD card, so the app could read all your pictures, upload them, then delete them. Newer devices have more internal storage, so hopefully applications will gradually move away from using this permission. Apparently, the next version of Android will introduce a new permission for reading the SD card too -- at present, any application may read from the SD card.
"Read[ing] all my personal data" depends on what you count as personal data -- security-sensitive info should not be on the SD card (things like phone number (although the phone state and identity permission gives access to this), contacts, account details), but anything that is on the SD card may be read by any application. That means pictures and music, at least.
I wonder if it might be useful to always list all of the common permissions, to make it easier to see which ones an application doesn't have. I've installed enough Android apps to have a reasonable idea of what's available (and by extension, what any given app can't do) but it's reasonable to assume I'm in a small minority.