This feels like maybe even the majority of the problem.

In general corporate social media favors memetic content and disfavors "inconvenient" content. Inconvenient meaning things that cause non-trivial numbers of users to mash the thumbs down or "report content" button. The premise of that is supposed to be that people are reporting spam and trolling etc.

The problem naturally being that people will also use the platform's "make it go away" mechanism to penalize anyone who tells them things they don't want to hear. And then the sort of people who insist on telling the technical truth even when it's inconsistent with the political lie tend to get shadow banned into irrelevance, which leaves what in everyone's feed instead?

It's easy to hate the candidate on the opposite extreme from the way you lean, so all this really requires is for the extremist on your side to be a corrupt populist who gets support by telling people the lies they want to hear or is paying off the right people to get favorable media coverage or valuable endorsements. Or is just more extreme than you can accept but you're in a district with some people who want that.

Notice also that neither of these candidates are the first choice of the majority. They just have enough support in a >2 candidate race to not be the first knocked out.

> Ones where I don't feel the need to balance risk versus reward for candidates I moderately dislike.

This is Arrow's Impossibility Theorem again. All of them do that, because in the rock-paper-scissors triangle where no candidate can beat both of the others, you then need something equivalent to a score to choose the winner. At which point degrading your second choice hurts them against both your first and third choice and whether or not you should do that is influenced by how likely you regard it that other voters will favor your first choice over your third but not your second.

It's also a dangerous game because the error bars on polls are huge and it's more often than not that the final results are very different than anybody's wild guess from the day before they started counting the votes.

> If I'm moderately confident then I'm likely to do it despite the risk.

Suppose your true ratings would be 10 for your most preferred candidate, 7 for the second best and 1 for the inhuman monster the opposing tribe somehow supports for no explicable reason. Polls say your first choice is expected to score ~5, your second choice ~6 and your vile enemy ~4, but all of these are plus or minus 2 points or more because polls are practically random number generators. What are you going to do?

You have the option to try to tank your second choice to give your first choice a better chance, but it's still a very real possibility that your first choice ends up at 4 and the hated enemy at 5.

> The whole framing of the problem was that one of the candidates in the minority party wins. If there are four unrelated candidates that problem goes away. The more popular moderate won, not a big deal.

It's still the same, and the minority party candidate isn't necessarily that much of a moderate, they're just not a far extremist.

Suppose it's California and a Republican, a Democrat and a member of the Green Party are in the race. The district is 40% Republican and under the old system correspondingly 60% Democrat, but in a system with more than two viable parties, it's 40% Republican, 29.9% Democrat and 30.1% Green.

If you hold that election with RCV and the Democrat gets knocked out first, the moderate Democrats (which, with the Green candidate in the race, was all of them) have to choose between a California Republican and a Green Party candidate who proudly wants to raise the gas tax to $8/gallon and pull out of NATO. More than a third of the moderate Democrats choose the Republican over that and under RCV that becomes a Republican seat.

The same race with score voting only does that if people vote the way you seem to think they would, which is exactly their incentive not to.

Laws are supposed to come from Congress, but by volume most rules the public is subject to now come from unelected administrative agencies in the executive branch. That's a clear violation of the separation of powers.

Members of the US Senate, which laws are supposed to have to pass through, which confirm federal judges, and which do the impeachment trials, were originally appointed by the state legislatures, i.e. represented the states, until they were changed to be directly elected. The public's direct representatives were intended to be the House -- and House districts were intended to be small, until the number of seats was capped. So now the states have no representation in the federal government, and neither House districts nor state-wide Senate seats have small enough constituencies for individuals to be meaningfully heard by their representatives.

Juries have the right to do jury nullification and it's one of the most powerful tools against bad laws. If you're on a jury and you think that it's the law which is wrong rather than the defendant's actions, you are not required to convict them. But defendants are essentially prohibited from telling juries that, so it almost never happens. Likewise, the list of procedural safeguards that were meant to protect people against abusive government prosecutions have been eroded to such an extent in the name of expedient mass incarceration that the freedom of any given person is down to the inclination of the government to charge them with something. Which in turn allows the government to govern through threats and demand things they have no right to demand, since they now have the ability to charge anyone with something else if they don't do whatever the government wants, regardless of whether the law requires them to do what they're being pressured to do, or even whether it's constitutionally permissible to make someone do that.

This is all very bad but it's also not new. And it's what enables a tyrant when one comes, which is why it has needed to be fixed for some time now. But the best time to bolster checks and balances is before you remove them and the second best time is very soon.

> or a tiny stereo image was included to capture depth?

These systems work by having multiple sensors to use for depth perception, so enterprising hackers write software to create two images, one for each sensor, and put some kind of lens or mirror in front of the camera to direct a different image/screen to each sensor.

The problem is fundamentally that the device is taking unsigned analog attacker-controlled input and then signing it, and is being mass produced. So whatever you're having it do, they put something that generates the same photon pattern in front of the device and you can't fix that with cryptography.

You can probably make it so that a cheap camera needs a few hundred dollars in optical glass or similar, and expensive camera needs a few thousand dollars worth, but it's hard to see how you could make it infeasible to anyone with non-trivial resources and it's also easy to mess up even worse and make it practical even for anyone with a computer and a high resolution screen or two.

> or a mini video in the ten seconds before and after the photo was taken?

Which does what if nothing in the image is expected to be moving, or the thing you're pointing the camera at is a screen rather than a piece of paper?

Also, now to verify the signature on your 50kB image you need a 2MB video? Then by default people won't distribute images that have the ability to be verified.

> and the key is in a tamper proof HSM?

Someone figures out a timing attack on the HSM or similar and now you can extract the keys from every device of that model. Happens over and over, the chances of every device getting this right are essentially zero.

> and the key is deleted the moment the camera detects the case being taken apart?

They get multiple cameras of the same model, take one apart to see how the detection works, then having figured out how it works, take the other one apart without triggering it. Or they extract the key without ever removing the case.

Also, now your phone is going to delete its keys when you remove the case to replace the battery or a cracked screen etc., or if the detection system has a false positive? Then you need some way to transfer new keys to a thing that hasn't got any, which is an even worse attack vector than not deleting the keys to begin with.

If it had always been the rule of law until now then we would have an apparatus set up to impose checks and balances and accountability on government officials, but because those things have so atrophied from continuous contempt and neglect, no one knows how to demonstrate that what Trump is doing is wrong without also conceding that half of what the government has been doing for decades is wrong. But they also don't want to stop doing those things and therefore have rather a dilemma.

Of course, that's assuming you actually demand logical consistency. If you don't care about that you can do whatever you want -- which is kind of the trouble.

That's before getting into the practical problems with securing the keys. Every camera by every manufacturer has keys in it and the attacker only needs one key from one camera, and they get to choose the model? Creating something premised on needing to trust something with such a high probability of being compromised is worse than nothing, because it allows the ensuing forgeries a mechanism to pass themselves off as "signed" "real" images.

That's a pretty significant problem if Ford was the only places you can get certain parts or the only company that can do certain types of service etc., because then you have a huge fleet of vehicles you can't efficiently continue to operate.

But then it's the same solution. Before you buy something, require it to be using standard interfaces and have multiple viable independent suppliers for parts and service rather than being locked into a monopoly.

Which is how it should be for digital services. It's fine to pay some company to run physical infrastructure as long as it's a fungible commodity that allows you to switch providers like you can switch brands of toilet paper.

It doesn't have to be that convoluted, all it takes is for the eliminated candidate to be a moderate so their votes go in two different directions. But you're right that I messed up that example; the percentages are wrong.

The problem case is when your second most favored candidate would otherwise be eliminated first and you need to prevent that by causing your most favored candidate to be eliminated instead, because the second best candidate has a better chance in the next round.

Suppose the candidates you dislike, X and Y, are the first choice of 40% and 25% of people respectively, and then A and B split the remainder evenly. X and Y are the two extremists -- on opposite sides of each other, with the moderates A and B in the middle. You favor A but A leans in the direction of X and B leans in the direction of Y.

If B is eliminated first then half of B's support goes A but half goes to Y, Y is still ahead of A and then A is eliminated next. If A -- your preferred candidate -- is eliminated first, half their support goes to B and the other half to X but Y gets nothing. Y then loses to B and the final round is X vs. B rather than X vs. Y. And the elimination of Y puts all their support behind B since X is the opposite extreme. But only if you rank B above A even though that's not what you'd have preferred.

> Yeah that's a real issue, and I'd want to use condorcet methods to fix that.

But now you're no longer using RCV/IRV. Score voting is a Condorcet method.

> Meanwhile with approval or score voting, a lot of people pretend not to like the other party's moderate because they're trying to get their side to win and it gets really messy.

Except that doesn't really help them because doing that also makes it more likely that their least favorite candidate wins, which is a significant incentive not to do it. The only reason to do that is if you're confident your favored candidate could only lose to your second choice, in which case it was really a two candidate race to begin with.

> Is there a need to have multiple candidates per party? If there is, a two stage election that picks party first and then picks probably-the-moderate is probably better than anything.

It doesn't matter if they're in the same party or not. If you're using a voting system that allows more than two parties to be viable then you'll have similar candidates running from similar parties. "Force the election to be one candidate from each of two major parties" is FPTP and it's terrible.

That's not accounting for the time value of money.

Suppose you have a rental unit and before rent control you were planning to rent it out. That now has far less attractive returns and it suddenly makes more sense to sell it as a condo to an occupant rather than keeping it to rent it out. Likewise, other prospective landlords no longer want to buy it at the previous market price (returns went down and they can invest in stocks or housing in some other city instead), so the short-term effect is to increase the number of property sellers and decrease the number of buyers. Short-term, property values going down is the expected thing.

But construction going down is also the expected thing, for the same reason. If property values are lower then the number of viable construction projects is lower and less construction happens.

The lack of construction then continues until rents, even after rent control, are high enough to justify more construction, i.e. are even higher than they were originally, because now to justify the same investment as before you need the current rent to be high enough to account for the inability to increase it later. And with less construction happening, that's the natural result in a growing area. More people have to bid on the same number of units, rents go up. So the short-term effect is lower real estate prices, the long-term effect is higher.

Now you say, if we expect real estate costs to be higher later, why don't investors take advantage? Which is the "time value of money" issue. If you invest there now because the prices will be high later, what do you do with the property in the meantime? If you don't rent it out, paying $1 today to get $1 in ten or twenty years is dumb, so you only buy if the current price is at a discount. If you do rent it out, then you'd be stuck trying to sell a building with a rent-controlled tenant, which isn't worth as much as the same building as empty as you bought it which you could sell as condos or rent out at current rents instead of price controlled ones, and then you still need a discount. And so the current seller has to provide a discount even if the real estate costs will be higher in a few years.

Compressing it makes it slightly worse, but some people think it makes it easier to understand. I tend to think that's silly; people can understand "score each candidate on a scale of 1 to 10" perfectly well. But approval voting would still be a significant improvement over FPTP, and even over RCV.

> That doesn't solve my problem. Take exactly what I said before, but replace "check" with "give the maximum score to".

RCV doesn't solve that either, because it's subject to Arrow's Impossibility Theorem. It's actually even worse, because it makes you give a lower rank (rather than an equal one) to your most favored candidate to prevent an even worse candidate from winning.

Suppose your favorite candidate is the first choice of 20% of the population, your second favorite is 25% and the two candidates you hate are at 25% and 30% respectively. RCV makes you give your top pick to the second candidate so they can beat one of the two candidates you hate and ensure the runoff isn't between both of the candidates you hate.

Meanwhile with score voting your favorite candidate might have won, because they were the first choice of only 20% but the second choice of everyone else, and then end up with an average score of e.g. 6 when all the others are at 4 and 5.

RCV tends to do the opposite of that. If you have two opposite extremists and a moderate, the moderate can get knocked out in the initial round and then you get a coin flip between the two opposite extremes, even if the moderate would win one-on-one against either of the extremes. Or, in a district that skews to one side, give the district to the other side, because the minority party makes it to the runoff with 40% of the vote, the majority party splits between two candidates each at ~30%, but then if the majority party's extremist goes to the runoff instead of its moderate, they could lose the runoff to the minority party's moderate and give the district to the minority party.

Statistics are doubly useless in that context because a given loan officer might process something like 20 loans a year, which is too small a sample size for statistics to show anything with high confidence anyway.

The way people like that get caught is when they incriminate themselves. And the real way you solve that problem is by ensuring a competitive market for loans, so that the economic inefficiency of not giving loans to people who would pay them back actually negatively impacts the institutions that do it, and the borrowers can find numerous other institutions willing to do business with them, instead of the racist loan officer both being the borrower's only option and their bank not suffering consequences from it because the lack of competition allows them to stay in business by also overcharging the customers they accept.

And people complain about it. If you were trying to make a change from some other status quo to that, it would be a significant impediment.

> Approval voting would be an improvement over the status quo but it makes it a lot harder for me to influence the choice between candidates I like less. If I do check my third choice I risk helping them beat my top two.

Approval voting is the range compressed version of score voting. Instead of scoring each candidate on a scale of 1 to 10, it's score each candidate on a scale of 0 or 1. Use score voting and you can give your favorite candidate a different score than your second favorite without giving them the same score as your least favorite.

Both of them are still better than RCV.

If you don't check ID then anyone with a list of registered-but-unlikely voters (or who registers unlikely voters ahead of time without their knowledge) could be voting multiple times and there is nothing to detect it. If you check ID then that doesn't happen as easily, but you still have no way to know if it would have happened in the alternative.

The closest thing to knowing would be if apparent turnout declines in response to checking ID, but a) different elections have different turnout anyway and b) even if you could detect a significant change, one party would then argue that it's a reduction in fraud and the other would argue that checking ID is reducing legitimate turnout, and you still don't know which one it is -- it could even be both.

What does this have to do with the census? A doctor would know the race of their patient without needing to deduce it statistically from their neighborhood.

Also, don't we not want financial institutions using demographic data decisions in making loans etc.?

Notice also that you're only handling the entities large enough to do things in-house to begin with. Meanwhile one of the biggest problems here is industrial espionage, which is to say startups with interesting new technology.