Accidentally posted this anonymously, actually wanted to spend some karma on this one.
You are completely missing the point. The point is that it is feasible for an application that *does* appear to legitimately need these permissions (e.g. an improved SMS application, of which there are many). There is no way for the user to specify that the only SMS messages that can be sent are those ones that they wish to send, or that the OWNER_DATA permission should only be used to read data required for the application to do its job. The fact that it's just a tic-tac-toe application is beside the point, a more complicated application could claim to need these permissions and all kinds of users are going to trust that the application is not doing the wrong thing.
This is not "fearmongering bullshit", this is a legitimate concern for smartphones these days. I'm really confused why your comments got moderated up.
The moon is made of green cheese. -- John Heywood