Yes: this article is really exaggerating the issue. When a website wants to allow login via Facebook it has to specifically request almost all of these properties: Facebook's own docs state that:
[...] the app can access their public profile and friend list, the pieces of information that are visible to everyone. Each other piece of information that someone adds to their Facebook profile is secured behind permissions.
This means that the app/site in question will pop up a box asking for those permissions explicitly (eg. "this app wants to access your photos" etc) and the user must approve that personally before logging in. Sure, you can argue that sites shouldn't be asking for all that data, but it's at the user's discretion to grant it and it's about as transparent as it could be: Facebook aren't hiding what they're doing.