macOS
Full local protectionNative signed Mac app with a one-switch UI, persistent root guard, recursive app/runtime freezing, updater controls, and dedicated-host blocking.
- macOS 14 or newer
- Apple Silicon + Intel
- Administrator approval when toggled
One home for every supported system
Small, reversible controls for Codex-owned update paths. Pick your platform and read its exact protection boundary before enabling it.
macOS and standalone Windows installs can be frozen locally. Mobile operating systems do not let one app disable another app’s Store updates, so Android, iOS, and Quest block the dedicated Codex network updater/runtime hosts without interfering with normal chats.
Release 1.0
Native signed Mac app with a one-switch UI, persistent root guard, recursive app/runtime freezing, updater controls, and dedicated-host blocking.
Elevated reversible blocker for Codex-specific updater tasks, processes, package trees, and known dedicated update hosts.
Local VPN/DNS protection for the dedicated Codex updater and runtime hosts. Other DNS and normal Codex traffic continue normally.
A removable encrypted-DNS profile blocks only the known Codex-owned update hosts. The companion app explains status and removal.
Quest-branded APK using Android’s local VPN service to block dedicated Codex updater/runtime DNS while leaving VR and chat traffic online.
Every package includes platform notes. The release manifest publishes exact sizes and SHA-256 hashes so downloads can be verified independently.
Protection model
Known updater processes, services, package trees, and dedicated hosts are targeted.
Port 443, authentication, API, and chat endpoints are not broadly blocked.
Desktop versions record original state and remove only restrictions they own.