From a coding perspective, if I were writing a CPU miner, I could see why the "less than" test is used-- at the machine language level, it's faster to perform four 64-bit subtractions and then check the carry flag to implement one 256-bit subtraction than to try to scan a 256-bit value for the first 1 bit. But subtraction is also misleading it's just an implementation detail and originally the leading zeroes are what mattered.

Only by discussing and debating do people form true understanding. Only by questioning are assumptions checked and sometimes found to be wrong.

No, I understand that. It's a terminology problem. I've been using PoW to refer to the hash whether it is valid or not. I see now that PoW is defined as only the hash that has the number of leading zero bits.

I'm not sure I understand the difference between leading zeroes and difficulty though. People throw around the term difficulty rather loosely as though it is a euphemism. I prefer concrete terms.

If I understand correctly, the SEC (securities and exchange commission) believes it has the right to declare anything that is exchanged for money a "security", the selling of which requires a special license from them.
Currently they're going after LBRY, which I've never used but it sounds like they are the "easy target", the weakest kid on the playground that the bully is automatically going to go after.
Is that correct?
This is all very dubious since the SEC is the same entity that almost never prosecutes Wall Street's criminal activities. They are widely viewed as a corrupt "captured regulator".
Here's a video that I found about SEC vs LBRY: https://helplbrysavecrypto.com/

If a share doesn't include a single PoW that solves the block however, but only attempts to solve the block, what is the precise mechanism for proving the PoW value is not just an unchecked random number? I have an idea, but I'd prefer to hear someone who is in the know explain it. This might be a bit of a "hard question".

Let's say my ASIC makes 1 billion attempts at finding a PoW value starting with 62 zeroes, and this is represented by 100 shares, and all of these attempts fail to find the PoW hence I don't win the new Bitcoins. How does the pool differentiate between my ASIC-generated PoW values, which are randomly generated, and an entirely random PoW that was never checked by an ASIC? So far I don't see anyone offering a cogent explanation.

Person A connects a $15,000 mining rig to his computer and starts churning out many terahashes per second, in the form of "shares".
Person B connects nothing to his computer, but instead modifies cgminer to pretend that it is communicating with a $15,000 mining rig and generates the exact same number of terahashes per second, however they are all faked random nonsense. When the pool finally finds a valid PoW, Person B gets a share of the proceeds despite not submitting valid shares.
What is there to prevent person B from doing this?
Or to put it another way, what is the process by which a share is actually verified to have been performed on real hardware, since (AFAIK) a share typically does not include a successful PoW that results in new coins?

The answer to your question can be found in the book None Dare Call It Conspiracy, written 5 decades ago by Gary Allen.

Here's a summary: https://www.youtube.com/watch?v=PoFVtkSkv40

If a nefarious miner tries to reward herself 10000 bitcoins after finding a correct PoW for her copy of the block, what is to prevent her from doing so ?

Is there some central place where the current correct reward is to be found so that everyone knows for certain what it is e.g. https://somewebsite.com/current_reward.xml ?

When a reward values changes, but not everyone hears about it, there are bound to be miners who submit valid PoW and blocks whose reward is out of sync with the larger consensus. How is that discrepancy dealt with?

E.g. a miner submits a valid PoW for their block but rewards herself 25 BTC instead of 12.5. Does that miner get a chance to fix her mistake?