diff --git a/content/about/uses.gmi b/content/about/uses.gmi
index f5bc7ab..d9c16c6 100644
--- a/content/about/uses.gmi
+++ b/content/about/uses.gmi
@@ -6,7 +6,7 @@ My main computer is a 2013 HP Elitebook 840 G1. It has a dual-core Intel i5-4300
 
 ## Environment
 
-* OS: Fedora 36
+* OS: Fedora, latest stable release.
 * Wayland compositor: Sway
 * Shell: zsh (interactive), dash (non-interactive/shell-scripts)
 * Terminal Emulator: Foot. Sometimes gnome-terminal when I'm using a screen reader.
@@ -16,18 +16,22 @@ My main computer is a 2013 HP Elitebook 840 G1. It has a dual-core Intel i5-4300
 * `$EDITOR`: Neovim
 * Browser: Firefox for most pages, Chromium for apps, NetSurf when I'm low on battery.
 * Coreutils alternatives: ripgrep, sd (better multiline regexes than sed), fd
-* Music player: mpd, along with my mpd scripts
-* Video player: three builds of mpv, two with a PGO run on different types of video (anime and live-action-with-filmgrain). Often paired with yt-dlp and mpv_sponsorblock
-* Image viewer: mpv (one less program to keep track of), swayimg. Both support AVIF and JPEG-XL now.
 * Session manager: tmux (I don't use it for tiling, Sway handles that)
 * IRC client: WeeChat. Might use senpai eventually, if I can get it to play well with espeak-ng.
 * News: Newsboat. I'm thinking of switching to a feed-to-IMAP or Maildir setup eventually so I can get sync and use mblaze, and replace a TUI with a CLI. Ideally something that supports WebSub.
+* Containers: Toolbox: Creates quick mutable environments for me to mess around as root. I use Fedora Rawhide for more bleeding-edge packages in these environments. Quick mutable environments to mess around in or use different toolchains are pretty much my only use of containers.
 * Screen reader: Orca
 
 => https://sr.ht/~seirdy/mpd-scripts/ mpd-scripts page
 => https://github.com/po5/mpv_sponsorblock mpv_sponsorblock
 => https://sr.ht/~taiite/senpai/ senpai
 
+## Multimedia
+
+* Music player: mpd, along with my mpd scripts
+* Video player: three builds of mpv, two with a PGO run on different types of video (anime and live-action-with-filmgrain). Often paired with yt-dlp and mpv_sponsorblock
+* Image viewer: mpv (one less program to keep track of), swayimg. Both support AVIF and JPEG-XL now.
+
 ## Mail:
 
 * Mail fetcher: mbsync
diff --git a/content/about/uses.md b/content/about/uses.md
index 65966a6..fceb25a 100644
--- a/content/about/uses.md
+++ b/content/about/uses.md
@@ -8,17 +8,15 @@ date: "2022-06-16T17:16:18-07:00"
 ---
 Here's the software I use. I've recently started to reduce my use of <abbr title="Textual User Interfaces">TUIs</abbr> in favor of <abbr title="Command Line Interfaces">CLIs</abbr> for a variety of reasons. When possible, I try to use lightweight programs that can run on any machine, from a single-board computer to a giant desktop. I don't ever want to feel like I need to upgrade my hardware to do the same tasks as before: hardware upgrades should only be justified by my use-cases significantly changing, existing hardware being broken beyond repair, or upstream abandonment of security patches.[^1]
 
-Hardware
---------
+## Hardware
 
 My main computer is a 2013 HP Elitebook 840 G1. It has a dual-core Intel i5-4300U CPU (Haswell), with simultaneous multithreading disabled.
 
-Environment
------------
+## Environment
 
 
-Fedora 36
-: Primary OS. Uses Linux, Systemd, GNU libc, GNU coreutils, dnf, firewalld, and SELinux.
+Fedora
+: Primary OS, latest stable version. Uses Linux, Systemd, GNU libc, GNU coreutils, dnf, firewalld, and SELinux.
 
 Sway
 : Dynamic Wayland compositor that focuses on tiling window management but also supports tabbed and stacking layouts.
@@ -32,8 +30,7 @@ DASH
 Foot
 : Primary terminal emulator. Sometimes I use gnome-terminal when I'm using a screen reader.
 
-Basic utilities
----------------
+## Basic utilities
 
 
 Neovim
@@ -48,6 +45,24 @@ ripgrep
 [fd](https://github.com/sharkdp/fd)
 : Better parallel execution than `find -exec`. I still use `find` in many situations, though.
 
+Tmux
+: I typically don't use it for tiling or tabs, except over SSH. Sway has me covered there. I instead use Tmux for session management and for buffer manipulation (regex search, piping the buffer, writing the buffer to a file, etc).
+
+WeeChat
+: IRC client. I might use [senpai](https://sr.ht/~taiite/senpai/) eventually, if I can get it to play well with espeak-ng.
+
+Newsboat
+: Feed reader for RSS and Atom feeds. I'm thinking of switching to a feed-to-IMAP or Maildir setup eventually so I can get sync and use mblaze, and replace a TUI with a CLI. Ideally something that supports [WebSub](https://websub.net/draft).
+
+Toolbox
+: Creates quick mutable environments for me to mess around as root. I use Fedora Rawhide for more bleeding-edge packages in these environments. Quick mutable environments to mess around in or use different toolchains are pretty much my only use of containers.
+
+Orca
+: Screen reader. Great for when I'm dealing with overstimulation and need to "turn everything off" for a while. I don't actually rely on this to use my machine.
+
+## Multimedia
+
+
 mpd
 : My music player daemon, paired with [my mpd scripts](https://sr.ht/~seirdy/mpd-scripts/) and [mpd-mpris](https://github.com/natsukagami/mpd-mpris).
 
@@ -58,20 +73,7 @@ mpv
 [swayimg](https://github.com/artemsen/swayimg)
 : Secondary image viewer; grabs window dimensions from the currently-focused window in Sway.
 
-Tmux
-: I typically don't use it for tiling or tabs, except over SSH. Sway has me covered there. I instead use Tmux for session management and for buffer manipulation (regex search, piping the buffer, writing the buffer to a file, etc).
-
-WeeChat
-: IRC client. I might use [senpai](https://sr.ht/~taiite/senpai/) eventually, if I can get it to play well with espeak-ng.
-
-Newsboat
-: Feed reader for RSS and Atom feeds. I'm thinking of switching to a feed-to-IMAP or Maildir setup eventually so I can get sync and use mblaze, and replace a TUI with a CLI. Ideally something that supports [WebSub.](https://websub.net/draft)
-
-Orca
-: Screen reader. Great for when I'm dealing with overstimulation and need to "turn everything off" for a while. I don't actually rely on this to use my machine.
-
-Browsers
---------
+## Browsers
 
 I always disable JavaScript and <abbr title="Just-In-Time">JIT</abbr>-compilation unless it's absolutely required.
 
@@ -88,8 +90,7 @@ Tor Browser
 NetSurf
 : When I'm low on battery or want to experiment a bit.
 
-Mail
-----
+## Mail
 
 Email sucks but it's the only lightweight, open, federated protocol for subject-delimited threaded discussions that meets my needs. It also makes working with open-source projects easier: it gives me one place to look for patches and issues so I don't have to open GitHub, Codeberg, GitLab, Sourcehut, etc. in different tabs and check each one.[^2]
 
@@ -104,13 +105,12 @@ msmtp
 : Routine tasks, displaying my inbox or list threads, reading email, organizing my messages
 
 Neomutt
-: My mail user agent, for the tasks that mbsync isn't good for (e.g. manual organization)
+: My mail user agent, for the tasks that mblaze isn't good for (e.g. manual organization)
 
 [w3m-sandbox](https://git.sr.ht/~seirdy/bwrap-scripts/tree/trunk/item/w3m-sandbox)
 : Displays HTML mail in a sandboxed environment. Networking and most filesystem access are disabled; using its full unrestricted functionality will involve syscalls I forbid with seccomp and crash the program.
 
-Networking and penetration testing
-----------------------------------
+## Networking and penetration testing
 
 Every administrator needs some tools to test their servers.
 
@@ -136,8 +136,7 @@ Every administrator needs some tools to test their servers.
 [ssh-audit](https://github.com/jtesta/ssh-audit)
 : I check my SSH config against [this SSH policy](../ssh-policy.txt). It's based on the GrapheneOS infrastructure's SSH configs.
 
-Other tools
------------
+## Other tools
 
 Everyday utilities I can't live without:
 
@@ -186,8 +185,7 @@ bmake
 <a href="https://github.com/yt-dlp" id="yt-dlp">yt-dlp</a>
 : Download videos from hundreds of different sites, including YouTube. Integrates with external downloaders like aria2 and downloads DASH chunks in parallel to max out your connection speed. yt-dlp also integrates with Sponsorblock to add skippable chapters for the segments I'd otherwise have to manually skip (sponsored content, subscription-begging, an ending segment featuring other videos, and other useless bullshit). I've forgotten what it's like to watch a video ad.
 
-This website
-------------
+## This website
 
 I use multiple aforementioned tools (Neovim, bmake, sd, etc.) for routine tasks when building seirdy.one.
 
@@ -273,7 +271,7 @@ All my server daemons are statically-linked binaries, which makes sandboxing eas
 
 
 Nginx
-: Specifically, [nginx-quic](https://quic.nginx.org/) with the [headers_more](https://github.com/openresty/headers-more-nginx-module) and [ngx_brotli (static)](https://github.com/google/ngx_brotli) modules. Statically linked against zlib-ng, BoringSSL, PCRE2 (non-JIT), and musl libc; patched for dynamic TLS records, basic externally-managed OCSP-stapling support, static HPACK compression, removing server signatures, and enabling dark mode on in-binary error pages. I recommend most people use Caddy instead of Nginx. The only benefits of Nginx are certain modules providing application-server capabilities, the ability to re-load all configs with zero downtime, better requests-per-second on limited hardware (although most sites won't need to handle more than a few hundred requests per second, which Caddy can handle *easily*), and kernel-accelerated TLS for maximizing bandwidth (usually unnecessary).
+: Specifically, [nginx-quic](https://quic.nginx.org/) with the [headers_more](https://github.com/openresty/headers-more-nginx-module) and [ngx_brotli (static)](https://github.com/google/ngx_brotli) modules. Statically linked against zlib-ng, BoringSSL, PCRE2 (non-JIT), and musl libc; patched for dynamic TLS records, basic externally-managed OCSP-stapling support, static HPACK compression, removing server signatures, and enabling dark mode on in-binary error pages. I recommend most people use Caddy instead of Nginx. The only benefits of Nginx are certain modules providing application-server capabilities, the ability to re-load all configs with zero downtime, better requests-per-second on limited hardware (although most sites won't need to handle more than a few hundred requests per second, which Caddy can handle _easily_), and kernel-accelerated TLS for maximizing bandwidth (usually unnecessary).
 
 [certbot-ocsp-fetcher](https://github.com/tomwassenberg/certbot-ocsp-fetcher)
 : Shell script to manage the OCSP cache for Nginx, since Nginx's own implementation shouldn't be used without running a trusted resolver (and is completely non-existent if you build with BoringSSL).
@@ -293,8 +291,7 @@ Agate
 [Conduit](https://conduit.rs/)
 : Faster and more lightweight Matrix server in a single binary.
 
-Services
---------
+## Services
 
 I generally try to limit my dependence on services, preferring to run software myself. I do make a few compromises.
 
@@ -314,8 +311,7 @@ I generally try to limit my dependence on services, preferring to run software m
 [Search My Site](https://searchmysite.net/)
 : I already pay for it; I might as well use it! Its API powers the site's search functionality, with searches proxied through a tiny Go wrapper on my backend.
 
-What I don't use
-----------------
+## What I don't use
 
 These are tools that I don't use, or avoid using.