from Hacker News

EBAF – eBPF Based Ad Firewall

by ARob109 on 7/3/25, 3:59 PM with 51 comments

  • by mfro on 7/3/25, 5:58 PM

    Absolutely no need to do kernel level packet filtering for this. You can use the absurdly easy hostfile approach, or a simple self-hosted DNS server. This looks entirely LLM generated as well.

    Also... who the hell tries to make changes to a user's sudoers file from their install script? This is an awful project.

  • by Retr0id on 7/3/25, 5:48 PM

    I got AI-generated vibes from the banner image, which surprised me because I wouldn't expect someone to generate something so trivial.

    So I investigated, lining up the real Spotify logo in GIMP - it doesn't match up, the details are different!

    But then I checked the image metadata:

    `Actions Software Agent Name : GPT-4o, OpenAI API`

    Doh, I should've saved time and checked that first. TIL OpenAI explicitly watermarks their output images via metadata. It even has c2pa signatures (which I didn't bother trying to verify)

  • by _benj on 7/3/25, 5:03 PM

    How is this different than other ip or dns ad blockers?

    I see that it all comes down to a blacklist of urls. Wouldn’t eBPF just make things more complicated?

  • by sbarre on 7/3/25, 5:24 PM

    > We’re not here to pirate. We’re here to opt out.

    Then "opt out" by not using the product? No one has a right to use Spotify. If you don't like the terms, don't use the service.

    I'll never get why people smart enough to build something technically impressive like this feel the need to throw these completely childish pseudo-rationalizations out there. Yeah, you are stealing actually.. Is it that big of a deal? Nope. But it still is what it is.

    Do they think this kind of false-moralizing will protect them from DMCA takedowns or something?

  • by alephnerd on 7/3/25, 5:31 PM

    I'm curious about it's eBPF coexistence capabilities. If you are running an XDR like Crowdstrike, this might interfere with their eBPF sensors for Linux desktops.

  • by sciencesama on 7/3/25, 5:30 PM

    extend this like pihole so we can use it for reddit and facebook and instagram ad blocking using proxy !

  • by jekwoooooe on 7/3/25, 5:29 PM

    Not proposing a moral opinion but this is still piracy no matter how much they deny it. The contract with free Spotify is you receive ads.

  • by bobbyraduloff on 7/3/25, 5:48 PM

    Kernel level packet filtering to avoid Spotify ads is about the same level of mental gymnastics as the GPT-generated “we’re not pirates” argument in their README.

    While Spotify is obviously an immoral company, you, the person reading this, are not entitled to free 24/7 cloud-streamed music on demand. They are a business and they don’t owe that service to you on principle.

    If you don’t like them as a company, there’s way to purchase the music directly (remember how we all used the iTunes Store back in the day) and there are other streaming services whose morals you might find more acceptable.

    To be clear, I’m not making some grand “piracy is evil” argument, but I’m saying that to publish software enabling piracy with the justification that a business’ free service is not good enough value for you is a bit out there.