Revise text: general improvements and cleanup

Andrew David Wong 2022-10-24 12:58:19 -07:00
parent 1522d7c8bb
commit 28c6932b25
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17

@ -122,12 +122,11 @@ the other. Alice's setup looks like this:
Even then, no qube ever has direct access to Alice's private keys except the Even then, no qube ever has direct access to Alice's private keys except the
backend vault itself. backend vault itself.
- A password manager vault. This is another completely offline, - A password manager vault. This is another completely offline,
network-isolated qube where Alice uses her offline password manager to store network-isolated qube where Alice uses her offline password manager,
all of her usernames and passwords. She uses the [secure copy and paste KeePassXC, to store all of her usernames and passwords. She uses the [secure
system](/doc/how-to-copy-and-paste-text/) to quickly copy credentials into copy and paste](/doc/how-to-copy-and-paste-text/) system to quickly copy
other qubes whenever she needs to log into anything. credentials into other qubes whenever she needs to log into anything.
- Personal qubes. One of the things Alice loves the most about Qubes is that - Personal qubes. One of the things Alice loves the most about Qubes is that
she can use it for both work *and* personal stuff without having to worry she can use it for both work *and* personal stuff without having to worry
@ -166,7 +165,7 @@ his colleagues, his family, and himself; and he understands that computer
security is an important part of that. He has a Qubes laptop that he uses only security is an important part of that. He has a Qubes laptop that he uses only
for work, which contains: for work, which contains:
- One offline qube for writing. It only runs LibreOffice Writer. This is where - One offline qube for writing. It runs only LibreOffice Writer. This is where
Bob does all of his writing. This window is usually open side-by-side with Bob does all of his writing. This window is usually open side-by-side with
another window containing research or material from a source. another window containing research or material from a source.
@ -180,23 +179,24 @@ for work, which contains:
- Whonix qubes. He has the standard `sys-whonix` service qube for providing - Whonix qubes. He has the standard `sys-whonix` service qube for providing
Torified network access, and he uses disposable `anon-workstation` app qubes Torified network access, and he uses disposable `anon-workstation` app qubes
for using Tor Browser to do research on stories he's writing. Since the topic for using Tor Browser to do research on stories he's writing. Since the topic
is often of a sensitive nature or might involve powerful individuals, it's is often of a sensitive nature and might implicate powerful individuals, it's
important that he be able to conduct this research with a degree of important that he be able to conduct this research with a degree of
anonymity. He doesn't want the subjects of his investigation to know that anonymity. He doesn't want the subjects of his investigation to know that
he's investigating him. He also doesn't want his network requests being he's looking into them. He also doesn't want his network requests being
traced back to his work or home IP addresses. Whonix addresses both of these traced back to his work or home IP addresses. Whonix helps with both of these
concerns. He also has another Whonix-based disposable template for receiving concerns. He also has another Whonix-based disposable template for receiving
tips anonymously via Tor, since some whistleblowers he's interacted with have tips anonymously via Tor, since some high-risk whistleblowers he's interacted
said that they don't want to risk using regular email. with have said that they can't take a chance with any other form of
communication.
- Two qubes for - Two qubes for
[Signal](https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/signal.md). [Signal](https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/signal.md).
Bob has two Signal app qubes (both on the same template in which the Signal Bob has two Signal app qubes (both on the same template in which the Signal
desktop app is installed). One is linked to his work mobile number for desktop app is installed). One is linked to his own mobile number for
communicating with co-workers. The other is a public number that serves as communicating with co-workers and other known, trusted contacts. The other is
another method of allowing sources to contact him confidentially. This is a public number that serves as an additional way for sources to reach him
especially useful for individuals who don't use Tor but for whom unencrypted confidentially. This is especially useful for individuals who don't use Tor
communication could be dangerous. but for whom unencrypted communication could be dangerous.
- Several data vaults. When someone sends Bob material that turns out to be - Several data vaults. When someone sends Bob material that turns out to be
useful, or when he comes across useful material while doing his own research, useful, or when he comes across useful material while doing his own research,
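Review bot: In the Signal bullet, replacing "his work mobile number" with "his own mobile number" changes the scenario rather than just the wording, and the list is introduced as the contents of a laptop Bob uses "only for work". If a personal number is intended, say why it lives on the work machine; otherwise keep "work mobile number" and add only "and other known, trusted contacts".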
@ -210,13 +210,14 @@ for work, which contains:
- A [VPN - A [VPN
qube](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md) qube](https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md)
and associated qubes for accessing work resources. The servers at work can and associated qubes for accessing work resources. The servers at work can
only be accessed via a VPN, so Bob has certain qubes that are connected to a only be accessed from the organization's network, so Bob has certain qubes
VPN qube so that he can upload his work and access anything he needs on the that are connected to a VPN qube so that he can upload his work and access
local network without being there. anything he needs on the local network when he's not physically there.
- A password manager vault. Bob stores all of his login credentials in this - A password manager vault. Bob stores all of his login credentials in the
offline qube and [securely copies and default password manager that came with his offline vault qube. He [securely
pastes](/doc/how-to-copy-and-paste-text/) them into other qubes as needed. copies and pastes](/doc/how-to-copy-and-paste-text/) them into other qubes as
needed.
A colleague helped Bob set up his Qubes system initially and showed him how to A colleague helped Bob set up his Qubes system initially and showed him how to
use it. Since Bob's workflow is pretty consistent and straightforward, the way use it. Since Bob's workflow is pretty consistent and straightforward, the way
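Review bot: The password manager bullet now reads "the default password manager that came with his offline vault qube" without naming the program, while this same commit names KeePassXC in Alice's and Carol's vault bullets. If Bob uses the same program, name it here as well so the three setups can be compared; if the vagueness is deliberate (Bob never had to choose one), a few words saying so would help.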
@ -225,9 +226,10 @@ colleague told him to remember a few simple rules: Don't copy or move
[text](/doc/how-to-copy-and-paste-text/) or [text](/doc/how-to-copy-and-paste-text/) or
[files](/doc/how-to-copy-and-move-files/) from less trusted to more trusted [files](/doc/how-to-copy-and-move-files/) from less trusted to more trusted
qubes; [update](/doc/how-to-update/) your system when prompted; and make qubes; [update](/doc/how-to-update/) your system when prompted; and make
regular [backups](/doc/how-to-back-up-restore-and-migrate/). Bob doesn't care regular [backups](/doc/how-to-back-up-restore-and-migrate/). Bob doesn't have
to try out new software or tweak any settings, so he can do everything he needs the need to try out new software or tweak any settings, so he can do everything
to do without having to interact with the command line. he needs to do on a daily basis without having to interact with the command
line.
## Carol, the investor ## Carol, the investor
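Review bot: Style point on the last sentence of the paragraph: "Bob doesn't have the need to try out new software" is wordier than it needs to be. "Bob doesn't need to try out new software or tweak any settings" says the same thing and avoids reading as a statement about permission.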
@ -243,14 +245,14 @@ protection organizations only guarantee recovery in the case of a financial
institution *failing*, which is quite different from an individual customer institution *failing*, which is quite different from an individual customer
being hacked. Moreover, even though many financial institutions have their own being hacked. Moreover, even though many financial institutions have their own
cybercrime policies, rarely, if ever, do they explicitly guarantee cybercrime policies, rarely, if ever, do they explicitly guarantee
reimbursement in the event that a customer gets hacked rather than the reimbursement in the event that a *customer* gets hacked (rather than the
institution itself. institution itself).
Carol looked into how thieves might actually try to steal her hard-earned Carol looked into how thieves might actually try to steal her hard-earned
wealth and was surprised to learn that they have all sorts of ploys that she wealth and was surprised to learn that they have all sorts of ploys that she
had never even considered. For example, she had assumed that any theft would, had never even considered. For example, she had assumed that any theft would,
at the very least, have to involve transferring money out of her account. That at the bare minimum, have to involve transferring money out of her account.
seemed like a safe basic assumption. But then she read about "pump and dump" That seems like a safe assumption. But then she read about "pump and dump"
attacks, where thieves buy up some penny stock, hack into innocent people's attacks, where thieves buy up some penny stock, hack into innocent people's
brokerage accounts, then use the victims' funds to buy that same penny stock, brokerage accounts, then use the victims' funds to buy that same penny stock,
"pumping" up its price so that the thieves can "dump" their shares on the "pumping" up its price so that the thieves can "dump" their shares on the
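Review bot: The new sentence "That seems like a safe assumption." switches to present tense in the middle of a past-tense narrative ("she had assumed", "But then she read"). The removed wording used "seemed"; suggest "That seemed like a safe assumption." so the paragraph stays in one tense.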
@ -276,18 +278,21 @@ for "most secure operating system." She read about how it's designed and why.
Although she didn't immediately understand all of the technical details, the Although she didn't immediately understand all of the technical details, the
fundamental principle of [security-by-compartmentalization](/doc/architecture/) fundamental principle of [security-by-compartmentalization](/doc/architecture/)
made intuitive sense to her, and the more she learned about the technical made intuitive sense to her, and the more she learned about the technical
aspects, the more she realized that this is what she'd been looking for. Her aspects, the more she realized that this is what she'd been looking for. Today,
setup looks like this: her setup looks like this:
- One qube for each investment firm and bank. Carol has a few different - One qube for each investment firm and bank. Carol has a few different
retirement accounts, brokerage accounts, and bank accounts. She treats each retirement accounts, brokerage accounts, and bank accounts. She treats each
qube like a "secure terminal" for accessing only that one institution's qube like a "secure terminal" for accessing only that one institution's
website and saving any statements and confirmations she downloads in that website. She makes her transactions and saves any statements and
qube. She uses the [Qubes firewall](/doc/firewall/) to enable access only to confirmations she downloads in that qube. She uses the [Qubes
that institution's website so that she doesn't accidentally visit any others firewall](/doc/firewall/) to enable access only to that institution's website
in that qube. in that qube so that she doesn't accidentally visit any others. Since most of
what she does involves using websites and PDFs, most of Carol's app qubes are
based on a [minimal template](/doc/templates/minimal/) with just a web
browser (which doubles as a PDF viewer) and a file manager installed.
- One qube for all her credit card accounts. Carol considered making a separate - One qube for all her credit card accounts. Carol started to make a separate
qube for each credit card account but ultimately decided against it. For one qube for each credit card account but ultimately decided against it. For one
thing, the consumer protections for credit card fraud in her country are much thing, the consumer protections for credit card fraud in her country are much
better than for losing assets to theft or fraud in a bank or brokerage better than for losing assets to theft or fraud in a bank or brokerage
@ -296,13 +301,18 @@ setup looks like this:
accounts or her old credit card statements, since online access to these accounts or her old credit card statements, since online access to these
generally doesn't allow spending or withdrawing any money. So, even the worst generally doesn't allow spending or withdrawing any money. So, even the worst
case scenario here wouldn't be catastrophic, unlike with her bank and case scenario here wouldn't be catastrophic, unlike with her bank and
brokerage accounts. Finally, she has way too many credit cards! While she's brokerage accounts. Third, she's not too worried about any of her credit card
very frugal, she likes to collect the sign-up bonuses that are offered for company websites being used to attach each other or her qube (As long as it's
opening new cards, so she's accumulated quite a few of them. (However, she's contained to a single qube, she's fine with that level of risk.) Last, but
always careful to pay off her balance each month, so she never pays interest. not least: She has way too many credit cards! While Carol is very frugal, she
She's also pretty disciplined about only spending what she would have spent likes to collect the sign-up bonuses that are offered for opening new cards,
*anyway* and not being tempted to spend more just to meet a spending so she's accumulated quite a few of them. (However, she's always careful to
requirement or because she can.) pay off her balance each month, so she never pays interest. She's also pretty
disciplined about only spending what she would have spent *anyway* and not
being tempted to spend more just to meet a spending requirement or because
she can.) At any rate, Carol has decided that the tiny benefit she stands to
gain from having a separate qube for every credit card website wouldn't be
worth the hassle of having to manage so many extra qubes.
- One qube for credit monitoring, credit reports, and credit history services. - One qube for credit monitoring, credit reports, and credit history services.
Carol has worked hard to build up a good credit score, and she's concerned Carol has worked hard to build up a good credit score, and she's concerned
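Review bot: The added "Third" sentence in the credit card bullet has a typo that changes its meaning: "being used to attach each other or her qube" should be "attack". The sentence is also missing its full stop before the parenthetical, so it should read "...each other or her qube. (As long as it's contained to a single qube, she's fine with that level of risk.)". "Last, but not least: She has" would also read better with a lowercase "she" after the colon.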
@ -319,42 +329,56 @@ setup looks like this:
this offline qube is where she maintains a master spreadsheet to track all of this offline qube is where she maintains a master spreadsheet to track all of
her investments and her savings rate. She also keeps her budgeting her investments and her savings rate. She also keeps her budgeting
spreadsheet, insurance spreadsheet, and written investment policy statement spreadsheet, insurance spreadsheet, and written investment policy statement
here. here. This qube is based on a template with some additional productivity
software, like LibreOffice and Gnumeric (so that Carol can run her own Monte
Carlo simulations).
- Various email qubes. Carol likes to have one email qube for her most - Various email qubes. Carol likes to have one email qube for her most
important financial accounts; a separate one for her credit cards accounts, important financial accounts; a separate one for her credit cards accounts,
online shopping accounts, and insurance companies; and another one for online shopping accounts, and insurance companies; and another one for
personal email. personal email. They're all based on the same template with Thunderbird
installed.
- A password manager vault. A network-isolated qube where Carol stores all of - A password manager vault. A network-isolated qube where Carol stores all of
her account usernames and passwords. She uses the [Qubes global her account usernames and passwords in KeePassXC. She uses the [Qubes global
clipboard](/doc/how-to-copy-and-paste-text/) to copy and past them into her clipboard](/doc/how-to-copy-and-paste-text/) to copy and paste them into her
other qubes when she needs to log into her accounts. other qubes when she needs to log into her accounts.
The vast majority of Carol's assets are in broad-based, low-cost, The vast majority of Carol's assets are in broad-based, low-cost,
passively-managed indexed funds. Lately, however, she's started getting passively-managed indexed funds. Lately, however, she's started getting
interested in cryptocurrency. Although she's still skeptical of investments interested in cryptocurrency. She's still committed to staying the course with
that don't generate cash flows or that are associated with scams or wild her tried-and-true investments, and she's always been skeptical of new asset
speculation, she finds the idea of self-custodying a portion of her assets classes, especially those that don't generate cash flows or that often seem to
appealing. She's knows they're very volatile, but she likes the idea of having be associated with scams or wild speculation. However, she finds the ability to
a hedge against certain types of political risk, and she recognizes that high self-custody a portion of her assets appealing from a long-term risk management
volatility also carries the potential for high returns, so she's decided to dip perspective, particularly as a hedge against certain types of political risk.
her toe in the water by allocating a small portion of her portfolio. This has She recognizes that cryptocurrency is extremely volatile, and she knows that
led her to add the following: she has the self-discipline to invest only what she can afford to lose, so
she's decided to dip her toe in the water by allocating a small portion of her
portfolio. This has led her to add the following to her Qubes setup:
- A standalone qube for running Bitcoin Core. Carol finds the design and - A standalone qube for running Bitcoin Core and an offline wallet vault. Carol
security properties of Bitcoin very interesting, so she's experimenting with finds the design and security properties of Bitcoin very interesting, so
running a full node. she's experimenting with running a full node. She also created a
network-isolated vault in order to try running a copy of Bitcoin Core
completely offline as a "cold storage" wallet. She's still trying to figure
out how this compares to an actual hardware wallet, paper wallet, or
physically air-gapped machine, but she's figures they all have different
security properties. She also recently heard about using [Electrum as a
"split" wallet in
Qubes](https://github.com/Qubes-Community/Contents/blob/master/docs/security/split-bitcoin.md)
and is interested in exploring that further.
- Whonix qubes. Carol read somewhere that Bitcoin nodes should be run over Tor - Whonix qubes. Carol read somewhere that Bitcoin nodes should be run over Tor
for privacy and security. She found it very convenient that Whonix is already for privacy and security. She found it very convenient that Whonix is already
integrated into Qubes, so she simply set her Bitcoin Core qube to use integrated into Qubes, so she simply set her Bitcoin Core "full node" qube to
`sys-whonix` as its networking qube. use `sys-whonix` as its networking qube.
- Various qubes for DeFi and Ledger Live. Carol has also started getting into - Various qubes for DeFi and web3. Carol has also started getting into DeFi
decentralized finance and web3, so a friend recommended that she get a Ledger (decentralized finance) and web3 on Ethereum and other smart contract
hardware wallet. She downloaded the Ledger Live software in an app qube and blockchains, so a friend recommended that she get a Ledger hardware wallet.
[set up her system to recognize the She downloaded the Ledger Live software in an app qube and [set up her system
to recognize the
Ledger](https://www.kicksecure.com/wiki/Ledger_Hardware_Wallet). She can now Ledger](https://www.kicksecure.com/wiki/Ledger_Hardware_Wallet). She can now
start her [USB qube](/doc/usb-qubes/), plug her Ledger into it into a USB start her [USB qube](/doc/usb-qubes/), plug her Ledger into it into a USB
port, [use the Qubes Devices widget to attach it](/doc/how-to-use-devices/) port, [use the Qubes Devices widget to attach it](/doc/how-to-use-devices/)
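Review bot: The added cold storage text in the Bitcoin Core bullet contains "but she's figures they all have different security properties", which should be "she figures". While this hunk is rewrapping the Ledger bullet, the unchanged line "plug her Ledger into it into a USB port" could be fixed too ("plug her Ledger into a USB port"), as could "credit cards accounts" in the email bullet.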
@ -366,8 +390,15 @@ led her to add the following:
- Various qubes for research and centralized exchanges. Carol uses these when - Various qubes for research and centralized exchanges. Carol uses these when
she wants to check block explorer websites, coin listing and market cap she wants to check block explorer websites, coin listing and market cap
sites, aggregation tools, or just to see what the latest buzz is on Twitter. sites, aggregation tools, or just to see what the latest buzz is on Crypto
Twitter.
Carol makes sure to back up all of her qubes that contain important account
statements, confirmations, spreadsheets, cryptocurrency wallets, and her
password manager vault. If she has extra storage space, she'll also back up her
templates and even her Bitcoin full node qube, but she'll skip them if she
doesn't have time or space, since she knows she can always recreate them again
later and download what she needs from the Internet.
## Conclusion ## Conclusion
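Review bot: In the new backup paragraph, "she can always recreate them again later" is redundant; "recreate them later" is enough. The sentence also lists "templates and even her Bitcoin full node qube" as skippable, so it may be worth stating that the wallet itself lives in a different qube that is always backed up, since the bullet above puts the full node and the offline wallet vault in the same item.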
@ -382,12 +413,18 @@ everyone will want to use the same email client. On the other hand, almost
everyone will need a password manager, and it pretty much always makes sense to everyone will need a password manager, and it pretty much always makes sense to
keep it in an offline, network-isolated vault. keep it in an offline, network-isolated vault.
As you're designing your own Qubes system, keep in mind some of the following As you gain experience with Qubes, you may find yourself disagreeing with some
tips: of the decisions our fictional friends made. That's okay! There are many
different ways to organize a Qubes system, and the most important criterion is
that it serves the needs of its owner. Since everyone's needs are different,
it's perfectly normal to find yourself doing things a bit differently.
Nonetheless, there are some general principles that almost all users find
helpful when they're first starting out. As you're designing your own Qubes
system, keep in mind some of the following lessons from our case studies:
- You'll probably change your mind as you go. You'll realize that this qube - You'll probably change your mind as you go. You'll realize that one qube
should really be split into two, or you'll realize that it doesn't really should really be split into two, or you'll realize that it doesn't really
make sense for these two qubes to be separate and that they should instead be make sense for two qubes to be separate and that they should instead be
merged into one. That's okay. Qubes OS supports your ability to adapt and merged into one. That's okay. Qubes OS supports your ability to adapt and
make changes as you go. Try to maintain a flexible mindset. Things will make changes as you go. Try to maintain a flexible mindset. Things will
eventually settle down, and you'll find your groove. Changes to the way you eventually settle down, and you'll find your groove. Changes to the way you
@ -404,7 +441,7 @@ tips:
experience of others. Keeping good backups also allows you to be a bit more experience of others. Keeping good backups also allows you to be a bit more
free with reorganizations. You can delete qubes that you think you won't need free with reorganizations. You can delete qubes that you think you won't need
anymore without having to worry that you might need them again someday, since anymore without having to worry that you might need them again someday, since
you know you can always restore them from a backup if it turns out you do. you know you can always restore them from a backup.
- Think about which programs you want to run and where you want to store data. - Think about which programs you want to run and where you want to store data.
In some cases, it makes sense to run programs and store data in the same In some cases, it makes sense to run programs and store data in the same
@ -417,14 +454,14 @@ tips:
size of your installation. Templates, service qubes, and qubes that are used size of your installation. Templates, service qubes, and qubes that are used
exclusively for running programs and that contain no data don't necessarily exclusively for running programs and that contain no data don't necessarily
have to be backed up as long as you're confident that you can recreate them have to be backed up as long as you're confident that you can recreate them
if needed. This is why it can be useful to keep notes on which packages you if needed. This is why it's a good practice to keep notes on which packages
installed in which templates and which customizations and configurations you you installed in which templates and which customizations and configurations
made. Then you can refer to your notes the next time you need to recreate you made. Then you can refer to your notes the next time you need to recreate
them. Of course, backing up everything is not a bad idea either. It may those qubes. Of course, backing up everything is not a bad idea either. It
require a bit more time and disk space upfront, but for some people, it can may require a bit more time and disk space upfront, but for some people, it
be just as important as backing up their irreplaceable data. If your system can be just as important as backing up their irreplaceable data. If your
is mission-critical, and you can't afford more than a certain amount of system is mission-critical, and you can't afford more than a certain amount
downtime, then by all means, back everything up! of downtime, then by all means, back everything up!
- Introspect on your own behavior. For example, if you find yourself wanting to - Introspect on your own behavior. For example, if you find yourself wanting to
find some way to get two qubes to share the same storage space, then this is find some way to get two qubes to share the same storage space, then this is
@ -454,16 +491,17 @@ tips:
- On the other hand, compartmentalization --- like everything else --- can be - On the other hand, compartmentalization --- like everything else --- can be
taken to an extreme. The appropriate amount depends on your temperament, taken to an extreme. The appropriate amount depends on your temperament,
time, patience, experience, risk tolerance, and expertise. In short, there time, patience, experience, risk tolerance, and expertise. In short, there
can be such a thing as *too much* self-imposed security! You also have to be can be such a thing as *too much* compartmentalization! You also have to be
able to use your computer to actually do the things you need to do. For able to actually *use* your computer efficiently to do the things you need to
example, if you immediately try to jump into doing everything in do. For example, if you immediately try to jump into doing everything in
[disposables](/doc/how-to-use-disposables/) and find yourself constantly [disposables](/doc/how-to-use-disposables/) and find yourself constantly
losing working (e.g., because you forget to transfer it out before the losing working (e.g., because you forget to transfer it out before the
disposable self-destructs), then that's a big problem! Your extra disposable self-destructs), then that's a big problem! Your extra
self-imposed security measures are interfering with the very thing they're self-imposed security measures are interfering with the very thing they're
designed to protect. At times like these, take a deep breath and remember designed to protect. At times like these, take a deep breath and remember
that you've already reaped the vast majority of the security benefit simply that you've already reaped the vast majority of the security benefit simply
by using Qubes and performing basic-level compartmentalization (e.g., no by using Qubes OS in the first place and performing basic
random web browsing in templates). Each further step of hardening and compartmentalization (e.g., no random web browsing in templates). Each
compartmentalization beyond that is only an incremental gain with diminishing further step of hardening and compartmentalization beyond that represents an
marginal utility. Try not to allow the perfect to be the enemy of the good! incremental gain with diminishing marginal utility. Try not to allow the
perfect to be the enemy of the good!