[DominikR]

> No fix in place to make sure other people working closely with Alphabet/Google won't leave door open again.

Niantic Labs did not create and does not own the permission model and therefore by definition they can't fix it.

All they can do is improve their review process to reduce chances that bad code somehow makes it into production. (as probably most of us do)

That is not to say that there aren't valid and reasonable use cases for even the most powerful/dangerous permissions. People even root their phones to give some of their apps access to permissions they otherwise couldn't use because there's a lot of cool/interesting stuff you can do that way.