In case you weren't being rhetorical, I choose answer 1.. YES!
WEP + non-broadcast SSID + MAC Address security: 1) Crack 2) Sniff 3) Spoof 4) Connect
WEP: 1) Crack 2) Connect
The significant thing being that only "1" actually takes any time and with WEP it is a significantly shorter time. Firewall wont protect you from terribly much at Layer 2 and by the time they have gotten to TCP/IP.. well.. to co-opt an old horror motif, the bad guy ".. is calling from INSIDE YOUR HOUSE!!" (cue scream).
WPA and WEP dont just provide encryption, they provide an implicit authentication and authorisation step. WEP's flaws make it too easy to leap over these and unless you replace them with something else (eg VPN + Firewall, maybe - if you are into that sort of thing) you have nothing.
It is fine to stick with WEP - just dont put any trust in it. If you treat your WEP's Wi-Fi interface with the same level of trust you would an unmanaged public access network and protect your resources (your systems, your data, your Internet feed) appropriately, you can certainly soldier on with it. It seems like a lot of work though.
This is not to say that WPA is perfect. You still need to be thinking about those things, regardless. Especially if you have something important to protect. It is just that when you are at the low end of the food chain - not at all attractive to sophisticated hackers, and not that much to lose on the LAN - you need WPA. WEP will let the smelly script kiddies in to play with your skimpies and do things with your toothbrushes..