My paranoia in installing extensions is finally justified. If Amazon is pulling these kind of stunts, then imagine the kind of mischief the smaller apps are pulling off.
This whole "scorched earth"-style permissions model that users can't make educated decisions about is what annoys me about current platforms like Chrome, Android and iOS.
JavaME had an interesting model where the app asks permissions after it is installed (e.g. internet access, local file system access) for each thing it wants to do. And the app has to consider the fact that the user can decide not to grant that particular permission. Of course, once you decide to trust the app, you could disable the prompts.
> where the app asks permissions after it is installed (e.g. internet access, local file system access) for each thing it wants to do
iOS does the same for the permissions it supports (access to photo library, contacts, GPS/location, twitter accounts, etc etc), but a lot of things are always allowed (such as internet access). Facebook also lets you deny specific permissions to apps on their platform. I've always wondered why Android and browser extensions don't let you line-veto deny permissions.
> Facebook also lets you deny specific permissions to apps on their platform
Which, of course, is ironic given that every update to the facebook app on Android asks for more and more permissions, to the point where it can do almost anything now.
This whole "scorched earth"-style permissions model that users can't make educated decisions about is what annoys me about current platforms like Chrome, Android and iOS.
JavaME had an interesting model where the app asks permissions after it is installed (e.g. internet access, local file system access) for each thing it wants to do. And the app has to consider the fact that the user can decide not to grant that particular permission. Of course, once you decide to trust the app, you could disable the prompts.