But if a journalist is going to use a secure desktop Operating System, he/she/they should investigate the current trio of recommendations which are as follows, and have different threat models baked into each:
Subgraph. Currently in Alpha version, so be careful using this. Still has to be vetted by the wider infosec community, but worth downloading and playing around with.
TailsOS. Very useful for journalists, but since it heavily relies on Tor it can be tricky dealing with mixed-anonymity workflows where sometimes you just need a Windows environment (preferably an airgapped Windows sandbox you can use to code / play around with files using Windows freeware).
Qubes. Heavily reliant on compartmentalization, and this can sometimes prove too cumbersome if you typically do one type of activity on the web like chat / email / hang out on slack. Typically for when you need to insulate different activities from each other and to avoid contaminating different contextual environments / tasks.
I like Subgraph. I know a lot of people like Qubes (I have no opinions about it, but the people I know who like it are quite smart). I don't think I know anyone who recommends Tails.
But none of these are reasonable suggestions for journalists and activists. We're not talking about people who are running conspiracies and can organize their working lives around opsec. You can barely get these people to the point where they aren't blindly clicking on attachments (and the attachments they open need to open in office software that is compatible with their existing workflows). They're simply not going to use Linux on their desktops.
This is why security people like phones so much: they run secure operating systems that laypeople have accepted and can work with.
There is the caveat that it's hard to get things done in a timely manner on phones, or even tablets/phablets. If I need to crank out a lengthy blogpost, then I need a full desktop environment where I can do cross referencing, wikipedia lookups, file selection, photo editing, and all the other things that a desktop affords. I have tried writing a blogpost on an iPad and it took up my whole day when it should have taken 2-3 hours.
I know people who have developed super-fast methods for working on iOS but they are such a rare creature, and I'm not so sure their workflow is even teachable enough to be widely adopted by journalists or professional bloggers. From my experience they're relying on all sorts of hacks to get a blogpost out the door like using some perfectly curated mix of apps, and being able to pass files to and fro different apps with ease. Hardly the stuff of laypeople.
Subgraph. Currently in Alpha version, so be careful using this. Still has to be vetted by the wider infosec community, but worth downloading and playing around with.
TailsOS. Very useful for journalists, but since it heavily relies on Tor it can be tricky dealing with mixed-anonymity workflows where sometimes you just need a Windows environment (preferably an airgapped Windows sandbox you can use to code / play around with files using Windows freeware).
Qubes. Heavily reliant on compartmentalization, and this can sometimes prove too cumbersome if you typically do one type of activity on the web like chat / email / hang out on slack. Typically for when you need to insulate different activities from each other and to avoid contaminating different contextual environments / tasks.