It can often improve performance and memory latency and usually only has a minor CPU performance impact as it trades cycles waiting for memory for cycles decompressing memory. It is usually decent even on low power embedded devices.

There are a few edge cases where ZRam is not great. If your data is already compressed or encrypted copying it around in memory is much more expensive. It’s also harder to tell exactly how much data can be loaded into the “free” memory. It’s also a bit slower for serialized memory access in large data sets if the compression ratio is low.

Right image, but under those each one below would also be wearing large pants covering each side of the subtree.

From what I’ve read is not authentication bypass, it’s a RCE using certificates to deliver the payload. If a specific signature is found it runs the code that was sent in place of the signing public key. It also means that only someone who has the ability to generate that specific key signature could use the RCE.

There were some other bits that looked like they could have been placed to enable compromising other build systems in the future when they checked for xz support.

It can still have issues with potential attacks that would redirect your client to a system outside of the VPN. It would prevent MitM but not complete replacement.

Likely you needed to include the intermediate cert chain. Let’s encrypt sets that up automatically so it’s quite a bit easier to get right.

The expression syntax for the GNU find command is very powerful. I would expect that it is up to the task. If you don’t have the GNU find command with it’s extensions I could see how it’s would be difficult.

The underutilized post pre increment operator.