clarify VPN phrasing

anarsec 2024-04-25 18:46:36 +00:00
parent d6c72fd6b9
commit f95c4b0a6a
No known key found for this signature in database
4 changed files with 14 additions and 11 deletions


@ -74,11 +74,11 @@ To explain how this works, it helps if you have a basic understanding of what To
For your *physical footprint*, a surveillance operation can observe you go to a cafe regularly, then try to correlate this with online activity they suspect you of (for example, if they suspect you are a website moderator, they can try to correlate these time windows with web moderator activity). For your *digital footprint*, if you are using Internet from home, an investigator can observe all your Tor traffic and then try to correlate this with online activity they suspect you of. For your *specific online activity*, a more sophisticated analysis would involve logging the connections to the server for detailed comparison, and a simple analysis would be something that is publicly visible to anyone (such as when your alias is online in a chatroom, or when a post is published to a website).
You can mitigate the techniques available to powerful adversaries by **prioritizing .onion links when available**, by **taking the possibility of targeted surveillance into account** and by **not using an Internet connection that is tied to your identity**.
You can mitigate the techniques available to powerful adversaries by **prioritizing .onion links when available**, by **taking the possibility of targeted surveillance into account** and by **using an Internet connection that is not tied to your identity**.
### Internet not tied to your identity
### An Internet connection not tied to your identity
Using Internet that is not tied to your identity means that if an attack on the Tor network succeeds, it still doesn't deanonymize you. You have two options: using Wi-Fi from a public space (like going to a cafe without CCTV cameras), or using a Wi-Fi antenna through a window from a private space.
Using an Internet connection that is not tied to your identity means that if an attack on the Tor network succeeds, it still doesn't deanonymize you. You have two options: using Wi-Fi from a public space (like going to a cafe without CCTV cameras), or using a Wi-Fi antenna through a window from a private space.
#### Working from a public space
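Review bot: Renaming the heading from `### Internet not tied to your identity` to `### An Internet connection not tied to your identity` changes the anchor generated from it, so any link elsewhere on the site that targets the old heading's fragment will stop resolving. Search the repository for links to the old anchor and update them in this commit. The reordered bold phrase ("using an Internet connection that is not tied to your identity") reads as a positive instruction and now matches the heading, which is an improvement.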
@ -98,11 +98,11 @@ When using Wi-Fi in a public space, keep the following operational security cons
If you need to regularly use the Internet for projects like moderating a website or hacking, going to a new Wi-Fi location after doing surveillance countermeasures might not be realistic on a daily basis. Additionally, a main police priority will be to seize the computer while it is unencrypted, and this is much easier for them to achieve in a public space, especially if you are alone. In this scenario, the ideal mitigation is to **use a Wi-Fi antenna positioned behind a window in a private space to access from a few hundred metres away** — a physical surveillance effort won't observe you entering a cafe or be able to easily seize your powered-on laptop, and a digital surveillance effort won't observe anything on your home Internet. To protect against [hidden cameras](https://www.notrace.how/earsandeyes), you should still be careful about where you position your screen.
If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use an Internet connection that is tied to your identity. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). There are two main deanonymization risks to consider when using your home internet: that the adversary deanonymizes you through a targeted correlation attack, or that they deanonymize you by hacking your system (such as through [phishing](/posts/tails-best/#phishing-awareness)) which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os).
If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use an Internet connection that is tied to your identity. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you connect to a VPN *before* connecting to Tor, see the [appendix](/posts/tails-best#appendix-vpns-and-tails)). There are two main deanonymization risks to consider when using your home internet: that the adversary deanonymizes you through a Tor correlation attack, or that they deanonymize you by hacking your system (such as through [phishing](/posts/tails-best/#phishing-awareness)) which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os).
#### To summarize
For sensitive and irregular Internet activities, use Internet from a random cafe, preceeded by surveillance detection and anti-surveillance. For activities that require daily Internet access such that taking surveillance countermeasures and finding a new cafe isn't realistic, it's best to use a Wi-Fi antenna. If this is too technical for you, using your home Wi-Fi is an option, but this requires trusting Tor's resilience to correlation attacks and the measures you take against being hacked.
For sensitive and irregular Internet activities, use an Internet connection from a random cafe, preceeded by surveillance detection and anti-surveillance. For activities that require daily Internet access such that taking surveillance countermeasures and finding a new cafe isn't realistic, it's best to use a Wi-Fi antenna. If this is too technical for you, using your home Wi-Fi is an option, but this requires trusting Tor's resilience to correlation attacks and the measures you take against being hacked.
# Reducing risks when using untrusted computers
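Review bot: The new appendix link in the home-internet paragraph is written `/posts/tails-best#appendix-vpns-and-tails`, without the slash before `#` that the other internal links in the same sentence use (`/posts/tails-best/#phishing-awareness`); write it as `/posts/tails-best/#appendix-vpns-and-tails` so it resolves the same way as its neighbours. The replacement also drops the pointer to `/posts/tails/#make-correlation-attacks-more-difficult`, so readers lose that mitigation from this paragraph unless the appendix links to it; consider keeping both references. In the rewritten summary line, "preceeded" should be "preceded" while the line is being touched.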
@ -127,7 +127,7 @@ This second issue requires several mitigations. Let's start with a few definitio
* *Software* is the instructions for the computer, which are written in "code".
* *Hardware* is the physical computer you are using.
* *Firmware* is the low-level software that's embedded in a piece of hardware; you can simply think of it as the glue between the hardware and higher-level software of the operating system. It can be found in several different components (hard drives, USB drives, graphics processor, etc.).
* *Firmware* is the low-level software that's embedded in a piece of hardware; you can simply think of it as the glue between the hardware and higher-level software of the operating system. It can be found in [several different components](https://www.kicksecure.com/wiki/Firmware_Security_and_Updates#Firmware_on_Personal_Computers) (hard drives, USB drives, graphics processor, etc.).
* *BIOS* is the specific firmware that's embedded in the "motherboard" hardware and responsible for booting your computer when you press the power button.
Our adversaries have two categories of attack vectors: [physical attacks](/glossary/#physical-attacks) (via physical access) and [remote attacks](/glossary/#remote-attacks) (via the remote access of the Internet). An adversary with physical access can compromise the software (e.g. by replacing the operating system with a malicious version), the hardware (e.g. by adding a keylogger), and the firmware (e.g. by replacing the BIOS with a malicious version). An adversary with remote access starts by hacking you (a software compromise) and can then proceed to compromise the firmware.
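Review bot: The link added on the *Firmware* bullet depends on a fragment of a third-party wiki page (`#Firmware_on_Personal_Computers`), which will silently stop landing on the right section if that page's heading is renamed. Name the section in the link text or link to the page without relying on the fragment, so readers can still find it. This change is also unrelated to the commit subject "clarify VPN phrasing"; mention it in the commit message or split it into its own commit.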
@ -374,3 +374,6 @@ Now we know that we have a genuine version of the Tails public key. `gpg` also
Now that we know that we have a genuine version of the Tails .img file, we can proceed to install it on a USB.
# Appendix: VPNs and Tails
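Review bot: The heading `# Appendix: VPNs and Tails` is the target of the `#appendix-vpns-and-tails` fragment used in the home-internet paragraph, so confirm that the site's slug generation drops the colon and produces exactly that anchor. The hunk header (`-374,3 +374,6`) counts three added lines but only the heading is visible here; if the appendix body lands in a later commit, the "see the appendix" reference will point at an empty section until then.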