[anyfoo]

Coupled with the very simplistic and predictable passwords often encountered in passworded (avoiding the word "encrypted") ZIPs, I often have the impression that the intention is more to add an explicit human step to open the ZIP. So, making it (less) accessible to crawlers, or give a non-malicious recipient a moment to think whether they want/need/should extract this.

Often the password comes in the same mail or website, after all.

[13of40]

I got a chance to ask the guy who invented the ZIP encryption scheme a couple of years back, and he basically said it was designed to be exportable under the US's encryption export restrictions at the time, which I understood to mean they made it intentionally weak.