Improve a bit our threat model

doc/threat_model.md

 Threat Model
 ============
+
 The Metadata Anonymisation Toolkit 2 adversary has a number
 of goals, capabilities, and counter-attack types that can be
 used to guide us towards a set of requirements for the MAT2.
@@ -13,17 +14,18 @@ Mat only removes standard metadata from your files, it does _not_:
 
   - anonymise their content (the substance and the form)
   - handle watermarking
-  - handle steganography
+  - handle steganography nor homoglyphs
   - handle stylometry
   - handle any non-standard metadata field/system
 
 If you really want to be anonymous format that does not contain any
 metadata, or better : use plain-text ASCII without trailing spaces.
-And as usual, think before clicking.
+
+And as usual, think twice before clicking.
 
 
 Adversary
-------------
+---------
 
 * Goals:
 
@@ -40,17 +42,18 @@ Adversary
     to directly identify the author and/or source, his next
     goal is to determine the source of the equipment used
     to produce, copy, and transmit the document. This can
-    include the model of camera used to take a photo, or
-    which software was used to produce an office document.
+    include the model of camera used to take a photo or a film, 
+    which software was used to produce an office document, …
 
 
 * Adversary Capabilities - Positioning
+
     - The adversary created the document specifically for this
     user. This is the strongest position for the adversary to
     have. In this case, the adversary is capable of inserting
     arbitrary, custom watermarks specifically for tracking
-    the user. In general, MAT cannot defend against this
-    adversary, but we list it for completeness.
+    the user. In general, MAT2 cannot defend against this
+    adversary, but we list it for completeness' sake.
 
     - The adversary created the document for a group of users.
     In this case, the adversary knows that they attempted to
@@ -58,30 +61,33 @@ Adversary
     or may not have watermarked the document for these
     users, but they certainly know the format used.
 
-    - The adversary did not create the document, the weakest
-    position for the adversary to have. The file format is (most of the time)
-     standard, nothing custom is added: MAT
-    should be able to remove all meta-information from the
-    file.
+		- The adversary did not create the document, the weakest
+		position for the adversary to have. The file format is
+		(most of the time) standard, nothing custom is added:
+		MAT2 must be able to remove all metadata from the file.
+
 
 Requirements
----------------
+------------
 
 * Processing
-    - The MAT2 *should* avoid interactions with information.
+
+    - MAT2 *should* avoid interactions with information.
     Its goal is to remove metadata, and the user is solely
     responsible for the information of the file.
 
-    - The MAT2 *must* warn when encountering an unknown
+    - MAT2 *must* warn when encountering an unknown
     format. For example, in a zipfile, if MAT encounters an
     unknown format, it should warn the user, and ask if the
     file should be added to the anonymised archive that is
     produced.
 
-    - The MAT2 *must* not add metadata, since its purpose is to
+    - MAT2 *must* not add metadata, since its purpose is to
     anonymise files: every added items of metadata decreases
     anonymity.
 
-    - The MAT2 *should* handle unknown/hidden metadata fields,
+    - MAT2 *should* handle unknown/hidden metadata fields,
     like proprietary extensions of open formats.
 
+		- MAT2 *must not* fail silently. Upon failure,
+		MAT2 *must not* modify the file in any way.