Jukka over at the S60 Multimedia blog has written a clear, illustrated guide to how self-signed applications are handled/seen by the user. The upshot is that many smaller developers won't need to shell out for paid-for Symbian Signing but will need to warn users to expect a few dialogs during installation.
Read on in the full article.
So, is this a back door for the dreaded virus writers?
Of course not! 8-)
Malware can still be installed, of course, if the user decides to forego all common sense and install it anyway. But the virus won't be able to do anything in terms of communicating with other smartphones. Only basic capabilities can be granted by the user.
Think of malware on S60 2nd Edition as being rarer than winning the lottery. Think of malware on S60 3rd Edition (/Symbian OS 9) as being as likely as a pig flying or the moon turning to cheese.
Steve