BlindSpot is an Android hardening toolkit for cases where a normal app blocker is not enough. It combines Device Owner policy controls with LSPosed hooks, so it can restrict apps at the Android policy layer and also patch specific in-app escape hatches that Android policy APIs cannot see.
| Area | Path | Notes |
|---|---|---|
| Android app and LSPosed module | android/ |
Main BlindSpot app, Device Owner controls, protection rules, and Xposed hooks. |
| Android README | android/README.md |
Deeper notes on setup, hooks, implementation details, and device-owner flow. |
| Aliucord plugin workspace | aliucord plugin/ |
Plugin workspace currently carrying the ChannelBlocker plugin. |
| Root scripts | package.json |
Convenience commands for Android build, install, run, clean, release, and adb logs. |
- Discovers, applies, imports, and exports Android managed app restrictions.
- Blocks apps by suspending packages and protecting their data from easy clearing.
- Protects apps from uninstall, force-stop, and data-clearing paths exposed through normal Settings.
- Delay-locks sensitive changes to rules, protected apps, delay settings, and hook toggles.
- Enforces automatic time/timezone while delay locks are active, so clock changes cannot skip waiting.
- Transfers Device Owner to another admin app when needed.
- Hooks specific app internals through LSPosed:
- Morphe: TextView watchdog for forbidden on-screen text.
- Messenger: blocks Meta AI/search entry points while keeping stickers, GIFs, and emoji usable.
- Facebook: feed/doom-scroll blocker that still allows more direct destinations.
- X/Twitter and Instagram: timeline, reel, and feed scroll-lock style hooks.
- Edge/Chrome variants: preview/context-menu hardening.
- Reddit: text selection and copy extraction helpers.
✅ means the tool is built around that capability. partial means it has a related feature, but
not the same layer or depth. - means it is not the point of that tool.
| Capability | BlindSpot | Andoff | Test DPC | Plucky | Family Link / Digital Wellbeing | BlockerX-style blockers |
|---|---|---|---|---|---|---|
| Device Owner / DPC-style control | ✅ | ✅ | ✅ | - | partial | - |
| Block or protect installed apps | ✅ | ✅ | partial | - | ✅ | ✅ |
| Prevent uninstall / easy tampering | ✅ | ✅ | partial | - | partial | partial |
| Delay before changing protection | ✅ | ✅ | - | ✅ | partial | partial |
| Managed app restrictions editor | ✅ | - | ✅ | - | - | - |
| Import/export of restriction rules | ✅ | - | partial | - | - | - |
| Adult-content or relapse filtering | partial | - | - | ✅ | partial | ✅ |
| In-app social feed/reel/timeline blocking | ✅ | - | - | - | - | partial |
| App-process hooks with LSPosed/Xposed | ✅ | - | - | - | - | - |
| App-specific hardening for Messenger/Facebook/X/Instagram/Edge/Reddit | ✅ | - | - | - | - | - |
| Open-source reference code | ✅ | - | ✅ | - | - | - |
The closest overlap is Andoff: it is also a serious Device Owner app for hard Android lockdown. The difference is that Andoff's docs explicitly say it does not filter content itself; it is usually paired with another filter such as Plucky. BlindSpot is more experimental and narrower, but it combines Device Owner controls with app-process hooks for the specific places where policy-only or browser-only blockers do not reach.
Test DPC is the official Android Enterprise reference/sample DPC, not a self-control product. Plucky is stronger as an internet/media filter with a delay philosophy. Family Link, Digital Wellbeing, and normal app blockers are easier consumer tools, but they do not modify the inside of social apps through LSPosed.
pnpm android:build
pnpm android:install
pnpm android:run
pnpm adb:logcatThe root scripts expect Android tooling, adb, and a cached Gradle wrapper under
%USERPROFILE%\.gradle\wrapper\dists. If that is missing, build any Gradle project once or add
normal Gradle wrapper files to this repo.
BlindSpot needs Device Owner privileges for the policy features:
adb shell dpm set-device-owner com.hardening.blindspot/.BlindSpotAdminReceiverDevice Owner status is powerful and intentionally hard to undo. Use a test device unless you know exactly what the policy state is.
Enable the BlindSpot module in LSPosed and include the apps you want to hook:
app.morphe.android.youtubecom.facebook.orcacom.facebook.katanacom.microsoft.emmxcom.microsoft.msedgecom.android.chromecom.reddit.frontpagecom.twitter.androidcom.instagram.android
Force-stop target apps after changing scope or hook state.
MIT, see android/LICENSE.