"Firewalls" could merely block sensitive services from being remotely accessible - but the N800 has no such service unless you install it.

PUBLIC WiFi access is generally insecure, as secure access schemes would require you to have an account with the service provider. That is, PUBLIC WiFi is entirely unencrypted and accessible by any stranger, so that anybody in range could forge and inject packets, or even assume the identity of the service provider.

The risk of getting a worm delivered to a N800 via forged packets is marginal, though - Maemo/ARM is way too exotic among platforms to be targetted. You would have to worry when surfing a public WLAN with Windows/Intel devices, though, and even cell phones have already been (rarely) targetted...

As for HTTP being safe from sniffers: Nope. HTTPS would be, though. In general, you should use application-level security (like SSL web sites, SSL/TLS on the mail server, and SSH for shell connections) for anything critical, especially on wireless networks. The N800 supports that, but you still have to configure it, and must use SSL capable web/mail servers (which free services sometimes aren't).

Sevo