[bsimpson]

That's because they are the SMS app for Facebook Homeified devices.

[toomuchtodo]

Are Facebook mobile developers that bad they can't check if they're on a Homeified device and degrade gracefully if they're not?

[RobAtticus]

What are you asking here? They probably can, but they still need to request the permission upfront because that's how Android is set up.

[toomuchtodo]

I'm asking who is responsible for the poor application design choice.

[dstaley]

It's not a "poor application design choice." Facebook wants to provide the ability for users to send and receive SMS/MMS from the Messenger app. Even though it's a feature you can turn off, the app must request the permission even if it's not using the feature. This is an Android limitation. A better solution would be to the app request permission only when it needs it, such as how an app requests your location or access to your photos on iOS.

[lucid00]

Android provides this for some features but not all.

The problem is if an app requests too many permissions it gets messy to just show a pop-up dialog for each and every one.

This is the reason why Google Chrome and Firefox started working on web apps that essentially are just fancy bookmarks those bookmarks provide permissions before hand for the web app so that they don't need to be requested later.

[mcrmonkey]

Indeed. However it would be nice if it was a component that can be added on rather than just making an assumtion. Same goes for the autoupdate i heard about a few weeks ago; Ask me first then go do stuff.