That’s a difficult question to answer without a “real” system to actually judge.

Generally the goal is to have the system too busy dealing with the ZIP bomb that it can’t accomplish other things. A ZIP bomb itself won’t cause data loss and break things, but if a user can’t save their document because said ZIP bomb filled a hard drive, then mission accomplished.

Instability and crashing are *usually* a result of too much RAM being used. This leads to swap which means the hard drive is busy again, and programs either can’t get the RAM they need or it’s delayed, again causing the actual service breakage.

So where is the actual tipping point? It will vary by system.

It’s worth noting that ZIP bombs are a known thing, and most anti-virus and other content scanners are known to abort scanning them upon realizing the size. Then again, scammers and other people have begun to make counter-use of this by making intentionally large file attachments and zip-bomb like appearances of files to try to get around anti-virus scanners. You heard about a bunch of youtubers getting their channels hacked? I think this is a big part of it – antivirus not doing its job.