fix after review

src/content/pages/privacy-guides/adversaries-and-anonymity-systems-the-basics.md

@@ -27,7 +27,7 @@ VPN services are the simplest type of anonymity system. Once a user client and r
 
 VPN services provide privacy by hiding Internet destinations from ISPs. And they provide anonymity by hiding user information (such as ISP, IP address and geolocation) from destinations. That is, both ends (and associated network observers) see only a VPN server's IP address. Network latency is far lower than with either mixnets or Tor, and speed (bandwidth) is less likely to be limited.
 
-Reputable VPN services use perfect forward secrecy. For OpenVPN, that relies on TLS with transient symmetric session keys. The keys are negotiated on-the-fly, after the server and client have authenticated themselves. They are unpredictable, and frequently changed (by default, hourly). On the other hand, the [WireGuard](https://www.wireguard.com/) VPN protocol has perfect forward secrecy built in its protocol, every few minutes the negotiated temporary symmetric keys used between the peers are rotated with newly generated ones. An adversary that compromises a particular session can decrypt only traffic from that session. Traffic from retained intercepts and traffic from future sessions remain secure, because they're encrypted with different session keys. If an adversary wanted to decrypt snooped traffic by using a brute force technique, in case of success it would only work for a particular session before keys are rotated, which make this technique expensive and is a no-op, especially if the VPN uses a post-quantum resistant encryption algorithm.
+Reputable VPN services use perfect forward secrecy. For OpenVPN, that relies on TLS with transient symmetric session keys. The keys are negotiated on-the-fly, after the server and client have authenticated themselves. They are unpredictable, and frequently changed (by default, hourly). On the other hand, the [WireGuard](https://www.wireguard.com/) VPN protocol has perfect forward secrecy built in its protocol, every few minutes the negotiated temporary symmetric keys used between the peers are rotated with newly generated ones. An adversary that compromises a particular session can decrypt only traffic from that session. Traffic from retained intercepts and traffic from future sessions remain secure, because they're encrypted with different session keys. If an adversary wanted to decrypt snooped traffic by using a brute force technique, in case of success it would only work for a particular session before keys are rotated, which make this technique expensive not viable, especially if the VPN uses a [post-quantum resistant](https://www.ivpn.net/knowledgebase/general/quantum-resistant-vpn-connections/) encryption algorithm.
 
 VPN services are very easy to set up and use, because providers handle the technical aspects. However, the privacy and anonymity that VPN services provide hinges entirely on the operator's integrity and discretion, on its technical competence, and on its ability to prevent adversaries from observing, manipulating and/or compromising its servers.
 
@@ -47,7 +47,7 @@ Although the Tor network is large, many of its 8000 relays have limited uptime,
 
 ### Mix networks
 
-A Mix network ([detailed explanations](https://blog.nymtech.net/a-simple-introduction-to-mixnets-6783a103d20e)), commonly called "mixnet", is a system that routes network traffic between peers but hides the metadata associated with the traffic, mostly by routing fake traffic and adding delay in the transmission to prevent traffic correlation if an adversary monitors multiple nodes. There are currently two young implementations of mix networks: [NymTech](https://nymtech.net/docs) and [Lokinet](https://lokinet.org/). In order to offer a high quality of service those networks make use of blockchain tokens, both to incentivize hosting highly available routers by rewarding operators, and to fully decentralize the network management. This also mean the network isn't free as you need to spend tokens to use them.
+A Mix network ([detailed explanations](https://blog.nymtech.net/a-simple-introduction-to-mixnets-6783a103d20e)), commonly called "mixnet", is a system that routes network traffic between peers but hides the metadata associated with the traffic, mostly by routing fake traffic and adding delay in the transmission to prevent traffic correlation if an adversary monitors multiple nodes. There are two implementations of mix networks in an early stage of adoption at the time of writing of this guide: [NymTech](https://nymtech.net/docs) and [Lokinet](https://lokinet.org/). In order to offer a high quality of service those networks make use of blockchain tokens, both to incentivize hosting highly available routers by rewarding operators, and to fully decentralize the network management. This also mean the network isn't free as you need to spend tokens to use them.
 
 A mix network should provide full anonymity as the network packets are mixed between different layers of routers, cover packets can be created to reach the desired [level of anonymity](https://blog.nymtech.net/an-empirical-study-of-privacy-scalability-and-latency-of-nym-mixnet-ff05320fb62d), fake bouncing packets create fake inbound traffic to reduce correlation possibility, and packets are delayed in each layer of routers, so the timing can't be analyzed by an observer to trace a packet from the destination to its origin. The only fact that could be known would be that a user is connected to the mix network. However, we still lack feedback about these networks in a real world usage as they are quite recent, compared to Tor which has been successfully running for decades.
 
@@ -93,7 +93,7 @@ Against adversaries with limited international network reach, Tor resists compro
 
 Most VPN services are vulnerable against international reach adversaries. There are typically 10–100 servers, located in 5-20 data centers, in perhaps as many nations, with a hundred users per server. All servers are typically under common ownership and/or management. For providers offering only one-hop routes, an adversary only needs to correlate entry and exit conversations on one server. For all but the largest VPN services, cross correlating all entry and exit conversations would involve far less than a million comparisons.
 
-A few large VPN services have several hundred or more servers, with numerous IP addresses per server, located in perhaps more than 100 data centers. But even for the largest, cross correlating all entry and exit conversations would involve at most a few million comparisons. It all depends on where entry and exit nodes are located, where an adversary can observe traffic, and how many comparisons among concurrent conversations would be required. However, given common ownership and/or management of VPN services, social engineering, or legal and/or political coercion, would be more-likely approaches.
+A few large VPN services have several thousands or more servers, with numerous IP addresses per server, located in perhaps more than 100 data centers. But even for the largest, cross correlating all entry and exit conversations would involve at most a few million comparisons. It all depends on where entry and exit nodes are located, where an adversary can observe traffic, and how many comparisons among concurrent conversations would be required. However, given common ownership and/or management of VPN services, social engineering, or legal and/or political coercion, would be more-likely approaches.
 
 Some VPN services offer multi-hop routes. For example, there might be three servers (A,B,C) in different countries, with six available two-hop routes (A-B,A-C,B-A,B-C,C-A,C-B). Multi-hop routes can offer better protection against passive adversaries with limited network reach, because all users' traffic transits two or more nations. Also, as the entry and exit servers connect using VPNs, adversaries can't intercept individual user connections between servers. But again, common ownership and/or management is the key vulnerability. Multi-hop providers are less vulnerable when the servers are not all in the reach of the adversary who would either know from the VPN entry point that a user is using a multi hop VPN, or from the VPN exit point that a request was done from a multi hop setup.