Never trust public Wi-Fi. This post by Wildpackets explains very well why it is unsafe and what measures to take. The conclusion that VPN’s are only for network engineers and IT admins to setup is not true in my opinion:
As a network engineer or IT admin, it is really easy and effective to set up a VPN, especially if you have mobile workers or provide devices to your workers. A VPN encrypts all traffic and keeps both your corporate data as well as employeesâ€™ personal data safe and secure. Require that the VPN be used for access to any corporate application, and encourage your users to take advantage of the VPN to protect their personal public Wi-Fi usage as well.
The T-Mobile WiFi in the Dutch trains is a good example of an unsafe network. I have heard a lot of stories of accounts being compromised after a train trip. Using SSL for all your accounts is one thing, but the first thing I do when getting in the train is enabling my OpenVPN.