You are correct, each and every application must be individually configured to use TOR. Applications that cannot be so configured, will not use TOR, and the connection will not be obfuscated. This Application Leakage (especially for DNS) can put your anonymity at risk, to observers who can see your local connections activity. Proxy Leakage does not present a risk on the far end of the connection however.

While application leakage leaks at the local end, and may expose your activities to your ISP, Data Leakage may expose information about you to observers after you exit the network. If you transmit your Kaspersky license key to them to validate an update, and that key is observed, an adversary may be able to identify you by asking Kaspersky. Your weather applet may send your zip code or address when asking for updates. Who knows what MS sends with Windows update. TOR does NOTHING to protect against this kind of disclosure. For this reason, the first rule of using TOR, is don't mix anonymous and non-anonymous operations on the same system. When you use tor, it should be all or nothing to be effective. I recommend using Tails as a Live CD (see below) when using TOR because it has no data about you to leak.

There are several approaches you can take to limit or eliminate Application Leakage.

• The most reliable is to use a hardware router like Safeplug, which plugs in to your network between your existing router and ISP demarc (cable/dsl modem). it passes all traffic passed to it through tor automatically. This approach has the most vulnerability to data leakage, however. Mobile applications that have GPS capabilities using the network may have a european IP address, but if the data contains the devices GPS coordinates, it would be trivial for someone observing the exit relay to tell where you are.

• The most secure is to use a virtual machine or boot from a Live CD, specially configured to use tor, and use it only when and for apps in which you need anonymity. One such Live CD is Tails.

• The least reliable and secure, but often the easiest to configure, is a transparent or isolated proxy. This approach is susceptible to a subset of application leakage, and a great deal of data leakage, which is really hard to control, unless you dedicate the box to anonymous activities.

Last, note that TOR is about forward secrecy (obscuring the source or destination of a communication from observers) rather than about encryption. TOR encrypts data while it is in the network, to prevent risks from people putting up malicious TOR relays, but once your traffic leaves the network, it is only encrypted if the remote site negotiates SSL as part of the connection (eg: did you connect with an https url?). Your IP address will be hidden, but if you put plaintext onto tor, its plaintext when it comes out on the far side.

Consider a computer connected to the Tor network through the TOP browser.

Considered. All the TOR browser does is anonymize traffic that goes through the Tor browser itself. It does not anonymize your whole Internet connection in any way. As explained on the official, Tor browser page; emphasis is mine:

The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.

That is a bit vague. Perhaps it should state something like, “it prevents somebody watching your web browser connection via the Tor browser from learning what sites you visit…” But that would still be confusing to the target audience for users of the Tor browser: Non-tech folks who want to anonymously browse websites.

Now if you want to Torify a specific application or a specific service, that is a more complicated process that is explained on this page:

Tor does not protect all of your computer's Internet traffic when you run it. Tor only protects your applications that are properly configured to send their Internet traffic through Tor. To avoid problems with Tor configuration, we strongly recommend you use the Tor Browser Bundle. It is pre-configured to protect your privacy and anonymity on the web as long as you're browsing with the Tor Browser itself. Almost any other web browser configuration is likely to be unsafe to use with Tor.

Which basically means, yes you have valid doubts. How to assuage them? Depends. Can you do it all via the Tor browser package? Perhaps. But it is not as cut and dry as simply downloading it, installing it and running it. There is generally a tad more effort required to anonymize all traffic.