Some are random and have no disadvantage, so they stick around. Others have an advantage that may or may not still be relevant.

High melanin levels help with bright equatorial sun. Low melanin levels help with vitamin D synthesis in areas where there’s less sun.

Curly African hair is better at protecting the scalp from the sun and heat. There’s less hair follicles overall, allowing for better airflow and the tight curls keep the hair away from the scalp allowing it to cool better. This also meant less sweating, which made it easier to remain hydrated and clean.
Straighter hair tends to be more dense, and to do a better job keeping you warm.

A lot of the other traits are random, or in genes connected to the general melanin genes, since evolution is unlikely to specifically target just the melanin levels of skin, and not the overall melanin level.

Some traits are also a result of sexual selection. Peacocks have large, vibrant plumage because it helps them attract a mate. Some human characteristics are the same. We essentially selectively bred ourselves based on the whim of aesthetics.

Finally, much of what we consider racial differences between people are social constructs.
That’s not to say that the differences aren’t real, but that the racial division is a relatively arbitrary line.
For example, I’m nearly a foot taller than my wife. My ancestors wandered up from Africa, landed in Scandinavia and then drifted to Scotland and southern England before coming to the Americas and getting mixed up in the Canadian fur trade in the 1600s. My wife’s ancestors stopped in Germany before coming to the Americas in the late 1800s.
Our children are not considered mixed race because our skin is the same color, even though the actual lineage is pretty distinct.

We decided that skin color is a race marker, but not things like “height”, “toe and finger length”, or things like that.
Except for where we did, like when European colonizers relatively arbitrarily decided that different traits were racial markers amongst the colonized, like nose shape and chin thickness.

All that to say, much of what we consider obvious racial differences that stand out are only such because we decided to pay attention to them. Other perfectly visible variations are just normal individual variations.

You can vote from overseas in whatever location was your last permanent US residence.
People in DC get to vote for president because a special law was passed giving them electoral votes.

People in Puerto Rico have a US permeant residence that doesn’t let them vote for president, so they can’t legally vote from a different jurisdiction.
One of the proposals that’s come up occasionally is to make a similar law for Puerto Rico as we did for DC, but there’s never enough consensus on any plan to go forward, up until relatively recently.

For the most part it’s not useful, at least not the way people use it most of the time.
It’s an engine for producing text that’s most like the text it’s seen before, or for telling you what text it’s seen before is most like the text you just gave it.

When it comes to having a conversation, it can passibly engage in small talk, or present itself as having just skimmed the Wikipedia article on some topic.
This is kinda nifty and I’ve actually recently found it useful for giving me literally any insignificant mental stimulation to keep me awake while feeding a baby in the middle of the night.

Using it to replace thinking or interaction gives you a substandard result.
Using it as a language interface to something else can give better results.

I’ve seen it used as an interface to a set of data collection interfaces, where all it needed to know how to do was tell the user what things they could ask about, and then convert their responses into inputs for the API, and show them the resulting chart. Since it wasn’t doing anything to actually interpret the data, it never came across as “wrong”.

What county is that? That sounds like the type of discrepancy that you don’t hear about often.

I have an assigned voting location, but there are several in my district that are all “valid”, and I was just assigned the one closest to my house. If I were to be confused and go to a valid location I wasn’t assigned to, I’m still in the ledger. Since I’m attempting to vote in the correct district, they don’t really have grounds to turn me away.

If I were in the wrong district, I’m still allowed to cast a provisional ballot, which lets you vote but they sort it out later.

You can also vote absentee and then also in person and not disclose that you need to invalidate the absent vote. Here that’s automatic, but in some places it’s a crime.

You’re also allowed to go to a clerks office, which has the equipment to print any ballot and handle it correctly.

The exact specifics vary based on the state, but it’s roughly the same in each of them.
You track the voter, ballot, collection and counting.

Voter A issued ballot 3. Ballot 3 collected Ballot 3 counted.

The counting phase involves removing the tracking number from the ballot before removing a cover that keeps the vote private.

You can’t slip an extra ballot into the box because then the totals don’t add up, and you know where in the process the discrepancy occurred.
Making sure there are multiple eyes on issuing and counting means it’s hard to create or count a fake ballot.
When not observed by multiple people, the containers are locked with multiple locks with keys held by different people.

It’s why most voter fraud is a voter going to multiple valid voting locations to vote multiple times. Once the tabulations begin, you see you counted the number collected, collected the number issued, and that you issued one ballot to each voter except one, who got three.

Usually about 15 to 20 seconds. I’ve been known to check my phone while standing to pee, it really just depends on what I’m doing It’s not like I’m doing a lot on my phone while peeing.

Bribing voters is illegal. Paying people to make a voting plan isn’t. Yay legal technicalities!

Oh, certainly. But common language has a term for high latency already, it’s just not speed related. Everyone knows about a laggy connection on a phone or video call.

Fun fact: TCP has some implicit design considerations around the maximum cost of packet retransmission on a viable link that only works on roughly local planetary scale.
When NASA started to get out to Mars with the space Internet, they needed to tweak tcp to fit retransmission being proportionally much more expensive and let connections live longer before being “broken”.

When talking communication, most people think of the speed with which a unit quantity of information is transmitted, not the latency of that transmission.
Referring to bandwidth as the speed of a communication system is pretty normal, even for people who know how to use the term bandwidth.

check out is the part where the actual sales transaction occurs. It really is materially different

Like a vending machine? Or the gas station? Or the grocery pickup, where I pay online?
What makes a human being present for me giving my money to a machine different if it’s a grocery store as opposed to one of those?

Sorry your experience sucks. Stores near me regularly have both open and the self checkout is invariably significantly faster. It’s not like I just didn’t notice that something I do several times a week actually sucks.

I’ve never understood the people who seem to not get that some people actually don’t mind scanning their stuff and putting it in bags, and insist that that’s the line between what the customer does and the employee. They also used to carry your groceries to the car for you, and you can also get them to pick everything up, bag it and bring it to your car or house. It’s not like the checkout process is the special part that can’t change.

Yeah, they want to save money by having fewer people get more customers checked out faster. I don’t really care since the part I like, getting finished at the store, happens faster.

Yes, to a degree. A VPN protects you from an attacker on the same WiFi network as you and that’s about it.

Most assaults on your privacy don’t happen like that, and for the most part the attacks that do happen like that are stopped by the website using https and proper modern security.
The benefit of the VPN is that it puts some of that protection under your control, but only as far as your VPN provider.

A VPN is about as much protection from most cyber attacks as a gun is.

They’re not a security tool, they’re a networking tool. They let you do some network stuff securely, and done correctly they can protect from some things, but the point of them is “this looks like a small, simple LAN, but it’s not”.

It’s much easier to package and sell network tools than security tools, and they’re much more accepted by users, since security tools have a tendency to say “no” a lot, particularly when you might be doing something dumb,and users hate being told no, particularly when they’re doing something dumb.

A lot of that information can be weirdly public. Looking up property records often comes with data about utility bills and taxes, and their payment statuses.

The RSV vaccine is even being used in the wild! Certain high risk demographics can get it during RSV season. And not rare high risk either, women beyond a certain point in pregnancy and older people.

Yeah, and it’s not like you want the information out there, it’s just that in my opinion it’s not something I would pay money for. Having the authority to make the request doesn’t mean that the party on the other end is obligated to comply, or in some cases even legally permitted to.

I’ve used Google’s service where they send you an email to review results if they find something, and my Google results for my incredibly distinctive name are basically only professional resources that I kinda want to be findable.

Honestly? It’s not something I would pay for. Google has their own service where they’ll let you know if they find your information and you can ask them to remove the search result.
Beyond that, there’s some information that you just fundamentally can’t make private and no service can get taken down.
Most data mining sites just collect those public records and put them next to each other, so they get a pile of your name, birthday, where you were born, how active you are as a voter and all that stuff.

Removing your address from Google maps just seems silly to me. That there is a residence there is fundamentally public information, not being on maps doesn’t make it less public it just probably causes issues for delivery drivers.

Anyone who has your data and is going to be a jerk about it isn’t going to listen to a request to take it down either. They’re just going to send you spam messages.

The odds of being Targeted by a determined individual who’s focused explicitly on you is low. They tend to target a broad swath of people, and then dig in on people who take the bait a few times.

I have never felt so old.

Name, address, and phone number of the account holder used to be published in books that got sent to everyone in the city and also just left lying in boxes that had phones in them if you needed to make a call while you weren’t home, because your phone used to be tied to a physical location.
You also used to have to pay extra to make calls to places far away because it used more phone circuits. And by “far away” I mean roughly 50 miles.

It’s not the biggest thing in the world, privacy wise, since a surprising amount of information is considered public.
If you know an address, it’s pretty much trivial to find the owners name, basic layout of the house, home value, previous owners, utility bill information, tax payments, and so on. I looked up my information and was able to pretty easily get the records for my house, showing I pay my bills on time, when I got my air conditioner replaced and who the contractor who did it was.

As an example, here’s the property record for a parking structure owned by the state of Michigan. I chose a public building accessible by anyone and owned by a government to avoid randomly doxing someone, but it’s really as easy as searching for public records for some county or city and you’ll find something pretty fast.

Depends on the vendor for the specifics. In general, they don’t protect against an attacker who has gained persistent privileged access to the machine, only against theft.
Since the key either can’t leave the tpm or is useless without it (some tpms have one key that it can never return, and will generate a new key and return it encrypted with it’s internal key. This means you get protection but don’t need to worry about storage on the chip), the attacker needs to remain undetected on the server as long as they want to use it, which is difficult for anyone less sophisticated than an advanced persistent threat.

The Apple system, to its credit, does a degree of user and application validation to use the keys. Generally good for security, but it makes it so if you want to share a key between users you probably won’t be using the secure enclave.

Most of the trust checks end up being the tpm proving itself to the remote service that’s checking the service. For example, when you use your phones biometrics to log into a website, part of that handshake is the tpm on the phone proving that it’s made by a company to a spec validated by the standards to be secure in the way it’s claiming.

Package signing is used to make sure you only get packages from sources you trust.
Every Linux distro does it and it’s why if you add a new source for packages you get asked to accept a key signature.

For a long time, the keys used for signing were just files on disk, and you protected them by protecting the server they were on, but they were technically able to be stolen and used to sign malicious packages.

Some advanced in chip design and cost reductions later, we now have what is often called a “secure enclave”, “trusted platform module”, or a general provider for a non-exportable key.
It’s a little chip that holds or manages a cryptographic key such that it can’t (or is exceptionally difficult) to get the signing key off the chip or extract it, making it nearly impossible to steal the key without actually physically stealing the server, which is much easier to prevent by putting it in a room with doors, and impossible to do without detection, making a forged package vastly less likely.

There are services that exist that provide the infrastructure needed to do this, but they cost money and it takes time and money to build it into your system in a way that’s reliable and doesn’t lock you to a vendor if you ever need to switch for whatever reason.

So I believe this is valve picking up the bill to move archs package infrastructure security up to the top tier.
It was fine before, but that upgrade is expensive for a volunteer and donation based project and cheap for a high profile company that might legitimately be worried about their use of arch on physical hardware increasing the threat interest.