alostpacket on AndroidForums.com has written one of the most comprehensive and readable guides to applications on the Android platform. He explains what threats there are, as well as what all those permission warnings are.
The first thing when understanding the security of your phone is to know a little bit about what makes it tick. Android is a 'lite' version of Linux with most applications that you download from the market written in Java.
The reason that this is important to know is that it means Android is very unlikely to ever get a virus in the traditional sense of 'virus.' Part of the reason why is because Linux is a fairly secure operating system that protects various parts of itself from other parts. For the more technically inclined this is similar to how Windows has admin accounts and limited user accounts. Because of this protection, applications downloaded from the market do not have access to anything by default. You must grant them permission for each activity they want to perform when they are installed. This is a very important point which we will address a bit later.
He's courteously given permission for us to reprint his work -- I've posted it at: http://community.sprint.com/baw/docs/DOC-1141