Xz format inadequate for general use

https://www.nongnu.org/lzip/xz_inadequate.html

11•Bogdanp•3h ago

Comments

usr1106•2h ago

Site says: Too many requests.

At 3 points and 0 comments it can't be HN?

rgovostes•1h ago

Nonetheless, xz has the best sshd integration.

arp242•1h ago

(2016); and used to be "Xz format inadequate for long-term archiving", but apparently the author's opinion of the xz format has worsened.

Xz format inadequate for long-term archiving (2016) - https://news.ycombinator.com/item?id=39871914 - Mar 2024 (26 comments)

Xz format inadequate for long-term archiving (2016) - https://news.ycombinator.com/item?id=39868810 - Mar 2024 (9 comments)

Xz format considered inadequate for long-term archiving (2016) - https://news.ycombinator.com/item?id=32210438 - Jul 2022 (158 comments)

Xz format inadequate for long-term archiving (2016) - https://news.ycombinator.com/item?id=20103255 - Jun 2019 (58 comments)

Xz format inadequate for long-term archiving (2017) - https://news.ycombinator.com/item?id=16884832 - Apr 2018 (136 comments)

Xz format inadequate for long-term archiving - https://news.ycombinator.com/item?id=12768425 - Oct 2016 (91 comments)

angst•1h ago

if i need xz i'll just use zstd instead.

o11c•1h ago

As always when this is posted: this is quite overstated. If you're only using .xz on something already protected by a sha2sum or something, and you trust the source, almost all of this is immediately invalidated (and the rest is "whatever, good enough").

Now, "trust the source" does have a hole that most people might not think about - are you sure the archive you just created corresponds to the files you tried to add? Doing extraction comparison tests should be mandatory ... but the same applies to all other archive formats, and very few tools automate the check in a way that also generates the hash.

lifthrasiir•1h ago

I have to cringe every time this article is brought up, because while xz does have made some questionable design choices, it practically works well and doesn't do anything fundamentally inadaquate as a compression file format [1]. And yet about a half of this article is devoted to the xz's inadaquateness as an archival format for which xz was never designed (use a properly designed archival format if you want). At this point lzip should be avoided because of this article. Sigh.

[1] Refers to file formats like .gz, .bz2 and of course .xz; doesn't include .tar, .zip or .7z.

arp242•1h ago

Most of these are not really serious issues in the real world. It's been critiqued extensively in the past (posted those discussions in a separate comment) and I'll not repeat it here. But I will add that lzip's "yo, here's a tarball, trust me bro"-model of distribution is no longer fit for 2025, for reasons that should be obvious. In my opinion this blows any concerns about xz out of the water. Technically this is about formats and not implementations, both de-facto have one dominant implementation, so that's a bit of an academic distinction.

Anyway, zstd is the future for most use cases.

lifthrasiir•1h ago

I'm indeed interested in the author's opinion about the zstandard format. Because one seems to use xz as a kind of scapegoat...

Disclaimer: I am not a webdev, this PR was vibe coded

Ask HN: Someone has committed 20K+ LoC to a PR, exhausting my CI & AI workflows

Can OpenAI free us from our screen and smartphone obsession?

Do I not like Ruby anymore? (2024)

Laravel-Prose

Roast My Code: Golang Url Shortener

August 26 Is Canned Beer Day in Japan – A Journey Through Summer and Design

SpaceX to start sending Dragon capsules to Mars in 2 years

Interactive Map of Paul's First Century Travels in Roman World

Show HN: I built AI Agents that automate comprehensive due diligence on stocks

The Smoital System – A method of timekeeping on Mars based on UTC

AI-generated scientific hypotheses lag human ones when put to the test

Can AI suffer? Big tech and users grapple with unsettling questions of our times

Bill introduced to exempt Pope Leo from high US taxes

Cameras installed in bin lorries – Stop householders dumping rubbish incorrectly

Show HN: I integrated my from-scratch TCP/IP stack into the xv6-riscv OS

The Emotional Resonance of Design

Transport for London launches campaign targeting 'headphone dodgers'

Dangerous Advice for Software Engineers

Game Genie declassified: That summer I played 230 Game Boy games

How to make money on crypto with AI

Use .config to store your project configs

Reading for pleasure falls by 40% in US

Enigma Crypto Transmission on Saturday August 30, 2025 @ 2000 GMT

Technology's Impact on Creativity: Shaping and Enhancing the Creative Landscape

Meta Talks World-Lock Rendering for AR/Mr at Hot Chips 2025

Physics-Based Indicators for the Onset of an AMOC Collapse Under Climate Change

NotebookLM's Video Overviews are now available in 80 languages

Show HN: PDF Barber – Edit PDFs in the browser, no uploads, full privacy

Google Sheets Publish to Web Broken