Would there be a way to have the N900 ask me before connecting to a known unsecured WIFi access point tnat came in range (prefferably with a little dropdown box for remembering my answer for the next 5 minutes, 10, 15, 30, an hour, two, 3, 6, 12, a whole day, two days, a week, a month etc and forever and never)?

I've just realized i have been under risk of having my data spied on (like by the Googlemobile) for several weeks because i was careless after trying to connect to some open hotspots i stumbled upon (including one named "dlink" that seems to be present in lots of different places, it was probably more than one but the N900 would connect to them all anyway).

you can remove those access points that you previously defined
- settings - internet connections - connections - delete those which you don't want to automatically connect to
.. or you could always disable wifi

That is what i did, but i would rather consider that just as a temporary workaround, i would rather not have to keep deleting access points after using them nor have to remember to turn on WiFi whenever i'm somewhere i got an access point i wanna use.

a confirmation for unsecured ap's (when they share an ssid but not a mac address) is a good idea.

Taking it a level further, Some sort of ARP watching ability would be nice too, like DecaddeinatID or winarpwarch, to help prevent mitm deauth attacks et al.

Is there a good thread on locking down your n900 security wise? Ive yet to see one but i may be wrong...

In the meantime, you could always just disable auto-connect. Not ideal, I know, but connecting manually to a network of your choice only takes a couple of seconds.

I think the option of having to confirm would be a good thing, but there was one time that feature really impressed me -- I was sitting on a streetcar that was stopped for a red light, just listening to the radio on the N900 not even thinking about it when all of a sudden it pinged in my ear and gave a quick vibrate.. I pulled it out of my pocket thinking it must have been a text, but there was the purple light blinking for an email.. WTF?? I don't have a mobile data plan..

But there was a Starbucks outside on the corner. In the time the streetcar was stopped at the light, the N900 had connected to their network and checked checked my email for me

The phone really earned its keep that day.

IMHO you should always use SSL/TLS for anything even remotely sensitive rather than relying on WLAN "security". Anything less than WPA2 is already known broken, and even with that other devices associated to the same AP may not always be benign.

Yeah, it's quite annoying that the N900 auto-saves them without prompting :-(

How secure are the stuff like Skype and Gtalk (the builtin ones) ?

Also, would there be a way to have microB make it more clear when i'm secure and when i'm not?

dlink is one of the major router manufacturers. so no surprise you find some of them around.
see http://www.dlink.com

What surprised me was not the name or how common it was, what surprised me was that just having the same name was enough to trick the N900 into treating it as the same access point even kilometers apart.

That's a feature, nothing to do with the N900 being "tricked".