Most of the author's problems seem to have to do with purchasing and running a VPS anonymously. But why bother? Do you really need to run your own Tor hidden service on your own VPS in order to publish anonymously? What happened to all the free blogging and pastebin services where you can sign up and/or post anonymously? All you need is Tor Browser Bundle and some extra caution. You can stay as anonymous as Tor's security allows, and no money ever changes hands.
Sure, it will be easier for the powers that be to take down something you posted on Tumblr than to take down a Tor hidden service. But that's a completely different matter from publishing anonymously in the first place.
The author also seems to think that publishing images and videos anonymously is harder than publishing ASCII text anonymously. This may be right, but not because of the reasons he cites. If you already have a medium where you can publish ASCII text anonymously, nothing stops you from publishing your media in a base64-encoded form. The real problem with publishing images and videos anonymously is that those media files often contain lots of entropy that could help identify the author, such as location information. No amount of Tor trickery will keep you anonymous unless you thoroughly scrub your media files.
I suspect that the author wants an anonymous VPS so that he has a computer that's not subject to physical seizure, e.g. TSA thugs grabbing it whilst entering or leaving the US. Plus the convenience of being able to access your VPS from anywhere you have a halfway trustworthy SSH connection.
You're thinking of Immigration and Customs Enforcement, which is in the Department of Homeland Security but is definitely not the TSA.
But anyway, they don't have the power to seize your US-based VPS as you cross the border. That would require an actual warrant which requires actual probable cause.
The author focuses on the US, UK, Australia, New Zealand, and Canada as the countries to avoid, but this seems crazy to me. The only common thread I can identify is that they all speak mainly English (sorry Quebec). There are lots of places I would avoid in addition to those; Iran, China, Syria, Libya, ... the list is nearly infinite.
Thank you for the correction, I said TSA when I meant DHS. I agree that they don't have the power to seize your VPS at the border: what I said is that they have the power to seize hardware that you have on your person, which is a non-trivial factor. They've proven themselves willing to abuse this power.
Another possibility would be to get one of the little computers that plug into USB or power socket and can do wifi, sneak one into a cafe or somewhere else with open wifi, and run TOR hidden service on that. It will get found and destroyed in time, but for some time, it might work. Or maybe solar powered Rpi that you put on someone's roof?
I'm not sure how well TOR hidden service would work behind a NAT though.
EDIT: another way would be to go to the dark side, and get your own botnet.
Install server. Wait a few months. Start publishing. No one is holding onto records that long and even if they do no one is going to go through that much video to find you. As long as you disguise your plugin server as something common no one will think to unplug it. Add a fake wire going behind something big for extra effect.
I've been tempted to get ahead of the game and start wearing facial-recognition-jamming face-paint just as a fashion statement. Unfortunately, for this particular use case, the makeup makes you memorable in its own way.
(1) Exif meta-data (Exchangeable image file format) which are things like resolution and dates, but can include serial numbers as well. Here's a handy list of cameras (usually high-end ones) that betray your privacy by embedding a serial number:
(2) IPTC meta-data (International Press Telecommunications Council), though I have yet to see a photo "in the wild" that uses it.
(3) XMP meta-data (Adobe Extensible Metadata Platform). This is added by Photoshop for example. It's two long numbers (DocumentID and InstanceID) which are different for each image.
(4) DRM and anti-counterfeiting stuff that might be added by image editing tools. (Many color copiers do this in the case of paper prints, for example.)
If I were being truly paranoid, I'd use some steganography software to write random "data" across all the low-order bits of any images I _really_ didn't want traced back the the sensor in my camera/phone/videocamera...
Exif is the one everyone knows, but don't discount #3 and #4 (i.e., identifiers added by image editing tools).
To keep a photo untraceable:
Delete the Exif data using a tool like IrfanView.
To edit the photo, download a fresh copy of an open source editing program or a commercial editing tool that does not need registration or activation. After you're done working on the photo, delete the editing program.
For a higher level of security (to guard against the possibility of a GUID or hostname from the OS being embedded in the image), do all of the above on a computer that is not traceable to you, or on a fresh install of the OS, which you wipe after you are finished.
As an example, take a photo with a relatively new digital camera and open the JPG up with an EXIF reader. In all likelihood, you'll see GPS coordinates, the exact time you took the picture, along with the unique identifier of your camera.
Even if you scrub the EXIF data (which you absolutely should do of course) remember that it's likely possible to identify if you took a particular photograph with a particular device.
That isn't a danger that you'll be identified from the photo, but it prevents plausible denial at a later date.
You need a method that can't be distinguished from the native pattern. How much trust do you want to put in your algorithm being invulnerable to future analysis?
That's surely not what kijin was referring to; that can easily be stripped out. Rather there's the problem of being able to determine location purely from the picture itself -- a picture contains a lot more information than just the particular thing you intend to point out in it.
To obfuscate meta-data in media files, use two different editors to covert file formats three times. eg Use Picasa to convert original to high quality jpeg, then use Gimp to convert jpeg to png
Sure, it will be easier for the powers that be to take down something you posted on Tumblr than to take down a Tor hidden service. But that's a completely different matter from publishing anonymously in the first place.
The author also seems to think that publishing images and videos anonymously is harder than publishing ASCII text anonymously. This may be right, but not because of the reasons he cites. If you already have a medium where you can publish ASCII text anonymously, nothing stops you from publishing your media in a base64-encoded form. The real problem with publishing images and videos anonymously is that those media files often contain lots of entropy that could help identify the author, such as location information. No amount of Tor trickery will keep you anonymous unless you thoroughly scrub your media files.