I just came across an interesting post on the ESET Threat Blog (ESET being the antivirus vendor who are responsible for NOD32) about smartphone apps and the risk they potentially pose in a world when we install all sorts of applications, including those that deal with important and sensitive information, on the same device.

In particular, General Hayden remarks that ‘In the popular culture, the availability of 10,000 applications for my smart phone is viewed as an unalloyed good. It is not — since each represents a potential vulnerability. But if we want to shift the popular culture, we need a broader flow of information to corporations and individuals to educate them on the threat. To do that we need to recalibrate what is truly secret.’

Yes, each app that you install on your smartphone is a potential vulnerability. It is precisely for that reason you should be making decisions about what you installed based upon rational thought processes. There are some things that the reward is not great enough to warrant the amount of risk taken. For example, you might choose not to drive 120 MPH (193 KPH) because the cost of potentially getting isn’t worth the benefit of arriving sooner, or perhaps even the benefit of the fun of driving so fast. If you do choose to drive that fast where it is not permitted, and you do get caught, you may discover that the consequences are so extreme you wish you hadn’t have taken the chance.

When it comes to installing software on your smartphone, take a good look at what you may be risking. Do you do online banking or shopping with your smartphone? Do you have business contacts? Contact for friends? How about access to an email account with private emails? All of the information may be compromised if the wrong app is installed. After you identify what assets you have and their value, then consider the app you are installing. What is the benefit it poses to you? Is it worth potentially risking your information for a funny picture or a game you might play a couple of times a year and can probably play online, rather than installing it on your smartphone?

It’s an interesting read — and should remind everyone using an app-capable mobile device that it is a powerful computer, and with that comes a certain degree of risk. While the major smartphone software platforms have a higher level of technical separation between apps running on the same device than you typically get with a desktop PC, we should still be thinking about what apps are sharing ‘the floor’ with others, especially those which deal with more sensitive information, like mobile banking.

I finally had time to walk into an O2 store today and have a brief play with the iPhone.

And I’m pretty impressed. On a sidenote – I’ve decided to go for an iPod Touch, which is actually scheduled to arrive tomorrow, but since it’s a part Christmas present, it won’t be getting any usage for 42 days from today.

I was a little concerned about the iPhone keyboard, but even in about 10 minutes, I picked up how to use it and became pretty good and considerably quick for a small keyboard. Which is a good sign, as I’ll be getting used to it more on the Touch.

The applications all worked really well – the multi-touch interface is very well done and it feels very intuitive to just pick up and use. I mean, I would say that, as I tend to pick things up quickly anyway, but it did seem genuinely intuitive.

My only complaints from what I’ve seen about the device itself are the fingermarks on the screen (the demo iPhones there had seen a lot of fingers) and Safari occasionally rendering a little slowly on some pages. I can confirm, however, that my site looks just as it does in Safari on OS X on the iPhone. 🙂

Of course, my major complaint is the contract lock-in, which is why I’m getting the Touch and not the iPhone itself. It’s a shame, as Mail, SMS, Google Maps and the Phone functionality on the iPhone do look very nice.

Quick tip if you do walk into O2 or the Apple Store and play around – if you do log in to anything in Safari. and then just idly tap the Home button thinking you quit Safari, beware. Anyone who goes back on Safari will arrive at the page you were last – logged in and all. I’d recommend you log out explicitly from whatever sites you visit, close all pages with the bottom right icon in Safari and then clear History, Cache and Cookies in Settings from the home screen. Or, don’t log in to anything. 😛

I’m now going to have to resist the temptation to walk back into O2 during lunch breaks just to have another play! 😉