Zip bombs eat some RAM. I have zero problems serving zip bombs to clients that explicitly disregard "do not enter" signs (and more specifically, actually enter them on purpose.) (Also: it's essentially a honeypot setup, which is nothing terribly novel in concept; people do it for SSH and other things.)

Sigh. I sometimes get the feeling that HN moderation can no longer keep up with actually reviewing the flags.