There are two questions to answer here really, 1) How can you keep your internet traffic private when using public internet spots, lets say starbucks with a shady looking fellow dressed in white and black stripes, with a ski mask sat hunched over his computer sat in a corner (thats how hackers dress right?), and 2) How do you stay anonymous on the internet, and i guess maybe 3) how does tor work
The first question
Generally the bestway to achieve this is by using a VPN (Virtual Private Network), they way these work is you have a client on your computer which takes all your network connections, encrypts them, and sends them onto a remote host, where they then get decrypted, and sent onto the end host. There are a few different ways of doing this, you could use a VPS to host something such as OpenVPN (A SSL VPN) (Arguably the best and most secure one), and then connect to this whenever you use a open network. This way the shady guy sees TLS traffic to a remote host, and has no way of reading it. A easier, low tech way could be host Rdesktop at home, then connect to this and browse through this machine, again works the same way but would be much slower
A more indepth look at the types of VPNS can be found here
If you dont wish to host this yourself, there are providers on the internet which claim to offer these form of services, however if you are paranoid enough to want to use it, you should be paranoid to ask 'But what if they are not doing as they say'
Staying anonymous online is a hard one, This is because of two main ways of tracking you, cookies in ads, and your browser fingerprint. The best option here is to Use a add blocker, and clear cookies once in a while. Lots of people have the idea that your IP address can lead you to the front door, but it doesnt, it leads to your ISP in which case they are the ones who lead to your door.
Third question Tor
Tor works by bouncing your connection through three hosts, it is first encrypted with the private key of the third, then the second, then the first. As such the first, and second hops only see TLS traffic and have no way of reading your stuff. The 'Exit' (third) node is able to see your traffic as you sent it, in theory this can be tracked back to your IP and it has been done in the past. As our freind Mr.Robot said
The Onion routing protocol is not as anonymous as you think it is. Whoever controls the exit nodes is the one who controls the traffic, which makes me… the one in control.
As a side note, to protect your traffic you should be looking for HTTPS, its the best way of doing this, shame ocn doesnt have TLS really!Edited by Ulquiorra - 11/10/16 at 2:53am