Today I learned that zip files keep their metadata at the end of the file for historical reasons. This originates from the times of floppy disks. The disk space on floppy disks was rather limited and there was a lot of variation, resulting in the inability of a program to estimate how many floppy disks would be needed to store the zipped data. The solution to this problem was to simply write data to floppy disks, count them and as soon as all data was written, to write the metadata, including the count of the used floppy disks, on the last floppy disk and call it a day.

I learned about that because I listed to the awesome Open Source Security Podcast today and they mentioned this as being part of a many years old exploit to trick Windows into believing it has a signed binary in front of itself but actually executing the unsigned zip file appended to the signed part of the original file.