Apps asking for way more permissions that they need is the new chmod 777pic.twitter.com/8H0PjNuyyl
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Yeah, in comparison Apple is way better but I've been reading some stats and apparently is 70 vs 40% of users (android /iOS) leaking info; not sure how many of that 40% have their iPhones rooted 
However Apple does provide a device-unique tracking token that apps (& possibly websites?) can access and broadcast. You can manually reset it but not disable it.
So in summary we're quite screwed :/
My understanding is that it's (1) a compromise to prevent them from doing more awful, non-resettable hacks to fingerprint the device, and (2) a means of maintaining the value of their walled-garden/platform to ad-addicted developers.
Interesting, I really need to learn more about this and how it works
Android OTOH is an utter train wreck. I think lots of the perms aren't even enforced except at the Java API level.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.