Most media now have secure drop and guides on usage.
In the UK atleast such as this BBC page[0]. As do the Guardian, Bloomberg and many more Im sure.
I appreciate that it is an involved process as you say but it doesn't seem excessive especially if you can use your smartphone now that tor browser is on android and iOS.
This might hinder small time criminals and companies at best from finding out who snitched on them. But in an authoritarian regime with state level resources or just a sufficient level of corruption or even just a media corp run by boomers that is vulnerable to phishing, you can't count on discretion for these things. Secure tunnels and end2end encryption are worthless if the endpoints are easy to compromise. The above comment is right that at the very least you should use bespoke hardware that was never associated with you or anyone you know in any shape or form (in addition to the things mentioned on that site). And even then you'd have to make sure that the info you leak can't be traced back to you, at which point it becomes a game of intelligence and counter intelligence. For example, if an organisation suspects their people are leaking info to the press, it could begin to place targeted (mis)information among employees to uncover them. This was done at Tesla last year to track and eventually bust leakers.
It's dangerous to assume phishing vulnerability is solely a Boomer thing. Tech literacy is unevenly distributed even among younger generations, and the upcoming generations that grew up on Chromebooks and tablet computing aren't that much more tech literate than old folks on the aspects of OpSec that matter. "Kids these days" don't even really understand how file systems work.
In the UK atleast such as this BBC page[0]. As do the Guardian, Bloomberg and many more Im sure.
I appreciate that it is an involved process as you say but it doesn't seem excessive especially if you can use your smartphone now that tor browser is on android and iOS.
[0] https://www.bbc.co.uk/news/uk-60972903.amp