As far as I know will only the Account Settings page on Facebook encrypt your connection if you haven’t changed the default settings. Not even the login page seems to connect over SSL by default, which seems a bit strange for such a large site. Maybe they don’t really care about the users’ security.
However, on the Account Settings page there is an option below Account security that asks you if you want to browse Facebook on a secure connection. I can’t see a reason to not use it, so I advise you to go in there and update your account. I have done it myself on all my accounts, and I haven’t experienced any problems.
The flaw with this is that you have to be logged in to make Facebook realise that you want to use an encrypted connection. Therefore doesn’t the login page use SSL by default, so you have to manually add an s to http in the URL.
By using https will you be protected from applications like FireSheep, even if you are on a unencrypted network. And you will also protect your data from being read by others on the way between you and the server.