So why isn't HN up-in-arms about Google allowing Android apps access to all your phone's un-encrypted images?!? That seems like a much bigger issue!

Since most desktops/PCs/Macs are now always online, why is nobody up in arms that any application has access to your home directory, your registry (HKCU at very least) and your "My Documents" directory either?

This is basically what Android apps have access to when requesting STORAGE permission.

Surely it is the same "problem"?

Yes, I agree. I'm not outraged at all, the lesson is to be careful when accepting SD Storage permission on android...

Perhaps it's inaccurate? It has to be right?

I would have to think this would be something EVERYONE would be upset by.

No, it's quite true. If you're running Android prior to 4.1, any app can read anything from your SD card. Starting in 4.1, apps require READ_EXTERNAL_STORAGE to be able to read from the card (so user has to grant app this permission upon installation)[1].

Have you never noticed this when you grant apps permissions? All of this is clearly written on the permissions list -- READ_EXTERNAL_STORAGE is explained there in layman's terms (as in, "this app will be able to read and write files on your SD card" or something similar).

And now, in KitKat, there have been some major changes in how the SD card can be accessed by apps, which I don't fully understand (never had to develop for KitKat only). But only a small percentage of users have KitKat installed.

If you're really storing sensitive things on your SD card, you should probably look into using some type of app for encrypted file storage (there are many on the market).

1. http://source.android.com/devices/tech/storage/index.html