There are some concerns with Tor. Exit nodes on Tor shouldn’t be considered safe, and if you’re sending unencrypted traffic over Tor, there’s a decent chance that a malicious exit node could be sniffing your traffic. Late last year, several suspicious exit nodes were found that specifically only accepted unencrypted traffic. Some details about it are here:

http://czarism.com/tor-vs-security-sniffing-exit-nodes

Another issue with open wifi access points are malicious nodes that may be set up in popular areas (cities, near universities, coffee shops, etc) by someone who sniffs all the _ethernet_ traffic coming out of his access point.

In short, make sure important traffic is encrypted (POP/IMAP mail, https banking sites). While even this can be broken by a carefully crafted man-in-the-middle attack, there’s so much easily intercepted unencrypted stuff floating around out there that hackers won’t bother with your encrypted traffic.