Merge pull request #17 from src4026/main
Miscellaneous fixes to the contents of the articles
tnonate committed May 18, 2024
2 parents dec811a + a0a0648 commit ba446e1
Showing 4 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion src/pages/en/guides/moderately-important/backups.mdx
Expand Up @@ -63,7 +63,7 @@ _Listed in alphabetical order, not order of recommendation_
alt="Cryptomator logo"
class="float-left mx-6 w-24"
/>
**If none of these options work for you - or if you would like to add an additional layer of security to one of the options suggested above - then I recommend using [Cryptomator](https://cryptomator.org/). Cryptomator is an open source tool that allows you to easily create an encrypted vault in your cloud storage folder to be synced to other devices. Cryptomator is free to use on desktop, but requires a one-time license key to use on iOS or Android (the license is not transferrable between operating systems, so if you moved from iOS to Android, for example, you would need to purchase a new license). Despite the cost and the fact that other methods exist of acheiving the same result, Cryptomator is my main recommendation for this particular use-case (creating an encrypted vault within your cloud storage to be synced across devices) because of the ease of use and Cryptomator's longstanding reputation.
**If none of these options work for you** - or if you would like to add an additional layer of security to one of the options suggested above - then I recommend using [Cryptomator](https://cryptomator.org/). Cryptomator is an open source tool that allows you to easily create an encrypted vault in your cloud storage folder to be synced to other devices. Cryptomator is free to use on desktop, but requires a one-time license key to use on iOS or Android (the license is not transferrable between operating systems, so if you moved from iOS to Android, for example, you would need to purchase a new license). Despite the cost and the fact that other methods exist of acheiving the same result, Cryptomator is my main recommendation for this particular use-case (creating an encrypted vault within your cloud storage to be synced across devices) because of the ease of use and Cryptomator's longstanding reputation.

### iCloud's Advanced Data Protection Program

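Review bot: The changed paragraph still contains "acheiving" ("other methods exist of acheiving the same result"); since this line is already being touched for the bold-marker fix, correct it to "achieving" in the same commit.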
2 changes: 1 addition & 1 deletion src/pages/en/guides/moderately-important/metadata.mdx
Expand Up @@ -11,7 +11,7 @@ import Highlighting from "@components/common/Highlighting.astro";
# Understanding Metadata

Ninety-five percent of the web is [encrypted](https://twitter.com/jlivingood/status/1389584630299385856). That means that if you visit Facebook, your Internet Service Provider (ISP) can see that you visited and how long stayed, but they can't see your login credentials (username and password) or which exact pages you went to. This is done with the use of [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security), or TLS, a powerful and increasingly popular encryption protocol used online.
There are two problems with relying strictly on the current TLS model of the intert, however. First, it only protects data in transit. When you connect to Amazon, your ISP can see that you visited Amazon, but Amazon can see every page, click, and purchase without restriction. Second and more importantly, \*\*often you don't need to see the content itself to start making powerful, accurate assumptions.
There are two problems with relying strictly on the current TLS model of the intert, however. First, it only protects data in transit. When you connect to Amazon, your ISP can see that you visited Amazon, but Amazon can see every page, click, and purchase without restriction. Second and more importantly, **often you don't need to see the content itself to start making powerful, accurate assumptions.**

## What is Metadata?

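Review bot: "intert" in the changed line ("the current TLS model of the intert") is still a typo for "internet" and should be fixed together with the bold markers. The context line just above also reads "how long stayed", which is missing "you".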
2 changes: 1 addition & 1 deletion src/pages/en/guides/prologue/open-source.mdx
Expand Up @@ -28,7 +28,7 @@ Two separate people purchased different proprietary products: a [refrigerator](h

On the one hand, one could argue that this is a company protecting its investment or intellectual property, especially since many manufacturers sell the initial product at a loss or reduced profit expecting to make the money back in recurring purchases. However **this also sets a dark trend where corporations control all the products in our lives,** crushing out competition. In the case of the refrigerator, if I wanted to start a company that sells a filter that provides cleaner water, I would need to convince GE to contract with me. Without this heavy-handed DRM, I can simply enter my product into the free market and let the consumer decide which filter they feel is better. But this kind of anti-competitive behavior holds the products hostage, putting unreasonable limits on what consumers are allowed to do with them and forcing them to pay exorbitant prices just to get basic functionality out of items they already paid for.

The modern era is flooded with examples of DRM overreach. In 2022, [BMW](https://www.theverge.com/2022/7/12/23204950/bmw-subscriptions-microtransactions-heated-seats-feature) started requiring a subscription to make use of the heated seating feature installed in their cars Pearson, the publishing company who essentially monopolizes the academic textbook space, abused their monopolistic power to [raise texbook prices](https://academicebookinvestigation.org/2021/11/25/outrage-as-pearson-increase-ebook-prices-by-500-in-one-week/) by $500 in a single week. In 2009, Amazon entirely removed digital copies of [1984](https://www.pcworld.com/article/519855/amazon_kindle_1984_lawsuit.html) from paying customer's libraries after a copyright dispute. Apple users were outraged in 2014 to wake up one morning and find that copies of U2's latest album had been placed into their [iTunes libraries](<https://en.wikipedia.org/wiki/Songs_of_Innocence_(U2_album)#Effectiveness_and_reaction>) without their consent. There are certainly defenses to be made to fight piracy and ensure products aren't being used for illegal means, but I've yet to meet anyone who thinks that these stories aren't even a little excessive.
The modern era is flooded with examples of DRM overreach. In 2022, [BMW](https://www.theverge.com/2022/7/12/23204950/bmw-subscriptions-microtransactions-heated-seats-feature) started requiring a subscription to make use of the heated seating feature installed in their cars. Pearson, the publishing company who essentially monopolizes the academic textbook space, abused their monopolistic power to [raise texbook prices](https://academicebookinvestigation.org/2021/11/25/outrage-as-pearson-increase-ebook-prices-by-500-in-one-week/) by $500 in a single week. In 2009, Amazon entirely removed digital copies of [1984](https://www.pcworld.com/article/519855/amazon_kindle_1984_lawsuit.html) from paying customer's libraries after a copyright dispute. Apple users were outraged in 2014 to wake up one morning and find that copies of U2's latest album had been placed into their [iTunes libraries](<https://en.wikipedia.org/wiki/Songs_of_Innocence_(U2_album)#Effectiveness_and_reaction>) without their consent. There are certainly defenses to be made to fight piracy and ensure products aren't being used for illegal means, but I've yet to meet anyone who thinks that these stories aren't even a little excessive.

We have entered a new world of truly 24/7 online connectivity. Many cars now have their own modems built in to connect to the internet from anywhere; our appliances like thermostats, lightbulbs, washing machines, and coffee makers are constantly connected for remote control or convenience. As connectivity begins to permeate every item in our lives, it's important to not only be aware of what [data](https://www.forbes.com/sites/robertvamosi/2015/01/22/collecting-big-data-from-iot/) those devices are sending and the [security risks](https://www.zdnet.com/article/iot-security-is-bad-its-time-to-take-a-different-approach/) of such a device, but also to know that they now have the ability to enforce the terms of service - which are often subject to change at any time without warning - at any time for any reason, like when the power companies remotely adjusted [smart themostats](https://www.usatoday.com/story/tech/2021/06/19/texas-power-companies-raising-smart-thermostat-temps-why/7754658002/) during a heatwave without warning to conserve power and reduce strain on the grid. Your car might not report you for speeding right now, but it has the ability to and at any time the service provider may change the rules and start reporting your speeding habits to insurance and [law enforcement](https://www.npr.org/sections/thetwo-way/2011/04/28/135809709/dutch-police-used-tomtoms-gps-data-to-target-speeders). **In the future your car may only allow you to repair it with manufacturer parts, or may decide that attempting repairs at home voids your warranty.** Take for example the driver who got [stranded](https://arstechnica.com/cars/2020/02/driver-stranded-after-connected-rental-car-cant-call-home/) when his rental car couldn't connect to a network.

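Review bot: The link text "raise texbook prices" in the changed line is still misspelled ("textbook"), and "paying customer's libraries" should be the plural possessive "customers'". The sentence says prices rose "by $500" while the linked URL slug only says "by-500", so confirm the unit against the article before merging. The context paragraph that follows also has "smart themostats".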
2 changes: 1 addition & 1 deletion src/pages/en/guides/prologue/threat-model.mdx
Expand Up @@ -30,7 +30,7 @@ What's **your** threat model? You can't know how to properly defend yourself aga
<Highlighting>

1. **What do I want to protect?**
This is typically known as **assets**, and they come in both physical and non-physical forms. A physical asset would be something like a laptop, phone, or file cabinet - a place that holds the data you wish you to protect. A non-physical asset would be something like a bank account, email account, or cloud storage backup account. You need to identify all your assets. Another term worth introducing at this stage is "**attack surface**." This is a fancy term for all the possible points of failure where you might be compromised. Every app you download, every account you create, every file you store expands your attack surface and presents another chance for compromise to occur. Minimalism is your best friend when it comes to privacy and security, particularly with your assets. The less assets you have, the smaller your attack surface. Just something to keep in mind. (_Note: an individual piece of your attack surface is known as an "attack vetor." Attack vectors combine to create an attack surface, like drops of water combine to create a puddle, lake, or ocean._)
This is typically known as **assets**, and they come in both physical and non-physical forms. A physical asset would be something like a laptop, phone, or file cabinet - a place that holds the data you wish you to protect. A non-physical asset would be something like a bank account, email account, or cloud storage backup account. You need to identify all your assets. Another term worth introducing at this stage is "**attack surface**." This is a fancy term for all the possible points of failure where you might be compromised. Every app you download, every account you create, every file you store expands your attack surface and presents another chance for compromise to occur. Minimalism is your best friend when it comes to privacy and security, particularly with your assets. The less assets you have, the smaller your attack surface. Just something to keep in mind. (_Note: an individual piece of your attack surface is known as an "attack vector." Attack vectors combine to create an attack surface, like drops of water combine to create a puddle, lake, or ocean._)
2. **Who do I want to protect it from?**
“Bad guys” is not a good answer to this question because it is too vague. Different types of bad guys have different resources and motivations. For example, a typical cybercriminal wouldn't likely target you specifically (see [Understanding Data Breaches](/guides/most-important/data-breaches)). A potential employer or doxxer, on the other hand, is targeting you specifically and one may have different resources to work with. Try to be specific when identifying the "who" of your threat model, and know that it can vary from asset to asset.
3. **How bad are the consequences if I fail?**
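Review bot: In the changed line, "the data you wish you to protect" has a stray "you", and "The less assets you have" should read "The fewer assets you have"; both are worth fixing in the same pass as the "vetor" to "vector" correction.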