This is a good post. With my first Android (eris) and smartphone even, I was wondering about this stuff this weekend. One question I had that is not answered in here is how the list of permissions for an app is generated? Does the developer go down a checklist ticking off boxes (which leaves room for a lot of lying) or is it generated automatically so we know it's accurate? This is a great post. Please sticky.