I personally dislike Google's all-or-nothing approach to permissions. It gives the user a complete list of things (some of which may be valid and some not) with absolutely no context as to why they need this and then basically tell you that if you want the app then you have to accept the lot.
Coupled with a barely managed market place, you're just asking for someone to slip something malicious into the store and for anyone downloading it to blindly hit "accept".
A better method would be to rationalise some of the permissions (for example, do you really need to spook everyone with "read call state" given that it's used to suspend an app when a call comes in?) and then pop up a request to access the other permissions at the time when they are needed - a la iPhone.
That way I know why my app wants to access my contacts (because I've just pushed the button that says "invite a friend to a game") and also means that if I'm not comfortable with it having access to my call history then I can decline and still have the opportunity to continue using it.