The real story here is that OAuth has much wider and far reaching implications than just Twitter apps. I think we've reached the high-water mark of the number of logons and passwords we'll need to keep track of. I see a future not that far off where everything from Credit and ATM transactions to your Facebook and HN logins are all handled by OAuth.
It doesn't look like there's a mode where the the app would not get any access to private data.<p>Why would users trust an app that has access to their direct messages?