Also, why does every app request permission to write to my Twitter stream, even if it has no business doing that? You're supposed to only read my stream, no?

because twitter doesn't granulate permissions like facebook does.

Of course it does, just pass "oauth_access_type=read" when calling /oauth/authorize...

Posted here, as nobody seems to know about this:

http://blog.stochastictechnologies.com/gaining-read-only-acc...