For "casual bloggers who wish to keep their identities hidden from the general public", a good number of suggestions seem totally unnecessary, e.g. using a burner device, or avoid home/work networks (when you're already using Tor). What's the attack vector here? Someone hacking into wordpress.com servers and getting your OS/browser signatures (both pluggable)? Then what? And assuming they can hack into wordpress.com servers, your email alone would be a lot more valuable than aforementioned signatures.

Meanwhile, for people worried about nation state actors, using a free blogging service is probably not enough, since it's damn hard these days to sign up for popular services that don't eventually link back to you.