Since joining Avatars United, I have started to get more spam on my (non-public) email account which I use for Second Life. Going back through the privacy settings at AU, under Manage Applications, I found that the defaults for uninstalled applications had "Allow non-installed applications to access my friends list" checked AND "Allow non-installed applications to send me e-mails, notifications and Inbox messages."
Holy crap!! That looks like an open door for anyone who wants to write an app to grab my email address and start sending me spammy stuff. I've unchecked those settings (see the yellow highlights in the piccy above) but this is really disturbing to me.
Anyone else seeing this?
UPDATE: Here's another point of possible unwanted intrusion. It's in each of your installed applications settings. Shoutbox is shown here. It's "Do not prompt me if this application requests permission to access my data". Yeesh. It's checked by default too.