Codex Update Blocker shield icon

One home for every supported system

Codex Update Blocker

Small, reversible controls for Codex-owned update paths. Pick your platform and read its exact protection boundary before enabling it.

Strong protection, honest limits

macOS and standalone Windows installs can be frozen locally. Mobile operating systems do not let one app disable another app’s Store updates, so Android, iOS, and Quest block the dedicated Codex network updater/runtime hosts without interfering with normal chats.

Release 1.0

Downloads

SHA-256 published

Windows

Standalone installs

Elevated reversible blocker for Codex-specific updater tasks, processes, package trees, and known dedicated update hosts.

  • Windows 10/11 x64
  • Unsigned portable build; SmartScreen may warn
  • Microsoft Store updates remain Store-managed
Preparing download…

Android

Network layer

Local VPN/DNS protection for the dedicated Codex updater and runtime hosts. Other DNS and normal Codex traffic continue normally.

  • Android 8 or newer
  • Test-signed sideload APK; no root required
  • Cannot disable Google Play app updates
Preparing download…

iOS

iPhone & iPad

Encrypted DNS profile

A removable encrypted-DNS profile blocks only the known Codex-owned update hosts. The companion app explains status and removal.

  • Profile works without jailbreak
  • Companion IPA is development-signed for registered devices
  • Cannot disable App Store updates per app

Q

Meta Quest

Network layer

Quest-branded APK using Android’s local VPN service to block dedicated Codex updater/runtime DNS while leaving VR and chat traffic online.

  • Quest 2, 3, 3S, and Pro
  • Test-signed Developer Mode sideload
  • Cannot disable Meta Store package updates
Preparing download…

</>

Source & verification

Auditable

Every package includes platform notes. The release manifest publishes exact sizes and SHA-256 hashes so downloads can be verified independently.

Protection model

Normal Codex use stays online

1

Block owned update paths

Known updater processes, services, package trees, and dedicated hosts are targeted.

2

Leave shared traffic alone

Port 443, authentication, API, and chat endpoints are not broadly blocked.

3

Restore what was changed

Desktop versions record original state and remove only restrictions they own.