Android Debloat List.
I'm looking for a few contributors who can contribute to the ADL project on a regular basis for the vendor/oem of their choosing. Here are the requirements:
1. Must be able to contribute a few times per month
2. Must own a device from the vendor/oem
3. Must have a Matrix account (from any instance)
4. Expected to be able to use a text editor to edit JSON files
5. Expected to know how to navigate the GitHub website
No other qualifications needed. I'll be responsible for mentoring the contributors through a Matrix group as well as GitHub. Initially, we shall start with all the interested individuals and gradually eliminate those who fail to maintain the requirements. Interested individuals are requested to send an email to [email protected] with GitHub and Matrix usernames with the subject line prefixed "ADL".
There is no deadline, and you can apply any time.
I'm looking for a few contributors who can contribute to the ADL project on a regular basis for the vendor/oem of their choosing. Here are the requirements:
1. Must be able to contribute a few times per month
2. Must own a device from the vendor/oem
3. Must have a Matrix account (from any instance)
4. Expected to be able to use a text editor to edit JSON files
5. Expected to know how to navigate the GitHub website
No other qualifications needed. I'll be responsible for mentoring the contributors through a Matrix group as well as GitHub. Initially, we shall start with all the interested individuals and gradually eliminate those who fail to maintain the requirements. Interested individuals are requested to send an email to [email protected] with GitHub and Matrix usernames with the subject line prefixed "ADL".
There is no deadline, and you can apply any time.
β€65π9π€9π₯4π4π₯°1
UnApkm.apk
3.5 MB
UnApkm v1.4
Updated dependencies and now targets Android 15.
Although APKM files are no longer encrypted, the App Manager plugin is still being updated to support decrypting the legacy APKM files.
Updated dependencies and now targets Android 15.
Although APKM files are no longer encrypted, the App Manager plugin is still being updated to support decrypting the legacy APKM files.
π56π€©10π7β€6π₯3π₯°1π±1π€£1
π£ August'25 Updates
The next release of App Manager (that is, v4.0.6) is delayed because I was very busy with work last week. I'll try to release it in the next week as I need to take care of a few more things.
At first, I'd like to talk about one of my concerns that has been in mind for a while. Despite what many politicians want you to believe, the world is in a grave financial crisis, and there is no easy way out of it. What we're seeing at present seems to be a replay of the financial crises in the 1970s, except the world is more connected than before, thanks to the Internet, and this has its own set of disadvantages like we saw during the Covid period when the world ran into an absolute chaos. However, unlike the Covid period, people's ability and motivation to continue hobbies are going to be challenged, especially if they are not financially productive, and this can have an adverse effect in the open source community where many projects (including App Manager and the related projects) are developed and maintained by hobbyists like me. Notice that App Manager costs me nothing other than time (which is still quite costly in the developed world), but there are many projects that are quite costly in terms of money and resources. Most concerning of all: some of them play a significant role in areas of utmost importance (like the Internet itself or defense, compared to App Manager which is not that important as a project) and are being developed by maintainers quite thanklessly without any form of compensation. This is going to be an acid test for the open source community, and I believe the landscape will see a significant alteration in the future.
Of late, I've been working on the backup/restore feature of App Manager. As some of you know, I've already created the framework for converting a App Manager backup to and from a regular ADB backup a long time ago, but handling ADB backup and restore itself is not that straightforward using the Android APIs, but it's not impossible, and since a lot of the users are now using App Manager in ADB mode, I think I'll give it one more shot. If I can implement this correctly, the feature will be available v4.1.0, otherwise we'll continue to test it in the debug versions.
Lastly, I'm still looking for contributors for the ADL project. If you're interested, please send me an email with your Matrix username. Thanks.
The next release of App Manager (that is, v4.0.6) is delayed because I was very busy with work last week. I'll try to release it in the next week as I need to take care of a few more things.
At first, I'd like to talk about one of my concerns that has been in mind for a while. Despite what many politicians want you to believe, the world is in a grave financial crisis, and there is no easy way out of it. What we're seeing at present seems to be a replay of the financial crises in the 1970s, except the world is more connected than before, thanks to the Internet, and this has its own set of disadvantages like we saw during the Covid period when the world ran into an absolute chaos. However, unlike the Covid period, people's ability and motivation to continue hobbies are going to be challenged, especially if they are not financially productive, and this can have an adverse effect in the open source community where many projects (including App Manager and the related projects) are developed and maintained by hobbyists like me. Notice that App Manager costs me nothing other than time (which is still quite costly in the developed world), but there are many projects that are quite costly in terms of money and resources. Most concerning of all: some of them play a significant role in areas of utmost importance (like the Internet itself or defense, compared to App Manager which is not that important as a project) and are being developed by maintainers quite thanklessly without any form of compensation. This is going to be an acid test for the open source community, and I believe the landscape will see a significant alteration in the future.
Of late, I've been working on the backup/restore feature of App Manager. As some of you know, I've already created the framework for converting a App Manager backup to and from a regular ADB backup a long time ago, but handling ADB backup and restore itself is not that straightforward using the Android APIs, but it's not impossible, and since a lot of the users are now using App Manager in ADB mode, I think I'll give it one more shot. If I can implement this correctly, the feature will be available v4.1.0, otherwise we'll continue to test it in the debug versions.
Lastly, I'm still looking for contributors for the ADL project. If you're interested, please send me an email with your Matrix username. Thanks.
β€101π30π₯15π«‘8β€βπ₯5π2β‘1
App Manager | CHANNEL
π£ August'25 Updates The next release of App Manager (that is, v4.0.6) is delayed because I was very busy with work last week. I'll try to release it in the next week as I need to take care of a few more things. At first, I'd like to talk about one of myβ¦
I'll skip v4.0.6 and release v4.1.0 instead.
π₯113π45β€25π10π8π4π€£3π¦3π±2π€©2π¨βπ»2
π£ September'25 Updates
This month (October) has been a busy month for me (I mean more than usual). I've had certain timeline set up for the next release, but due to my busy-ness, I don't think I will be able to meet my goals for the next release any time soon.
Last time I've announced that I was working on ADB-based backups, and last month, I was able to integrate it fully into the existing backup model. This required a major rewrite of the backup/restore feature, but I think it would be beneficial to the large number of ADB users that App Manager has.
Recently, somebody has created a feature request on GitHub regarding a ADB-based network firewall implementation. From Android 13, it is possible to utilize the Berkeley Packet Filter (BPF) to cut network connections from an application. You can also do this using ADB shell or terminal with root:
The underlying implementation fetches the UID of the package name and then add the UID and rule to a BPF map for filtering the packets for the UID (for shared applications, multiple applications packages may be blocked as they share the same UID). But the issue with BPF rules is that the rules do not persist across reboot. This means you'd need to reapply the rules after restarting your device which is inconvenient. A possible solution to the problem, of course, is reapplying the rules on reboot, which again, is not convenient since ADB mode is also lost after a reboot. So, to effectively implement this feature, we need to find a way to monitor Wi-Fi connections on reboot and connect to wireless debugging automatically once the device is connected to Wi-Fi. I've already implemented a prototype last night, and it's working correctly on my test device (Pixel 9). On Android TV, ADB over TCP persists across reboots, so we may also able to do something similar on Android TVs too. After the feature become stable enough, I think it would be possible to implement BPF-based firewall for devices that support it that would persist across reboots.
IP tables based blocking and VPN-based packet filtering remain the most used filtering technology in Android due to the availability of many open source firewall tools (and closed source ones most of which are just clones of the former). However, these sort of blocking, as I've argued before, are not very effective, and from Android 12, their effectiveness has been further reduced. This has happened because Android 12 has integrated eBPF (extended BPF), and since then the internals of the AOSP has been modified to use eBPF instead of the traditional IP tables approach. If you don't know about BPF, let me explain it in simple words: BPF is a kernel-level packet filtering mechanism that has the ability to decide which packet (any data transmitted from or to the internet has to go through a few layers, packet is one of them) goes to where or which packets it needs to drop. This allows a system whitelisted program in Android to directly send/receive packets without going through the typical route used by ip tables or VPNs. This means that the vendor can arbitrarily allow their vendor (and system) apps to bypass ip tables and VPNs which is not good thing for user privacy since for these applications, all the protections (for example, anti-censorship protections) become useless. This is where the BPF rules may help. The underlying implementation of the above mentioned command modifies the BFP map albeit temporarily overriding the existing UID rules if already present. This effectively allows us to temporarily override the rules even for the whitelisted apps. But in some cases, the rules may be refreshed even without a reboot. I'm still currently investing the implementation, so I don't have the exact details.
This month (October) has been a busy month for me (I mean more than usual). I've had certain timeline set up for the next release, but due to my busy-ness, I don't think I will be able to meet my goals for the next release any time soon.
Last time I've announced that I was working on ADB-based backups, and last month, I was able to integrate it fully into the existing backup model. This required a major rewrite of the backup/restore feature, but I think it would be beneficial to the large number of ADB users that App Manager has.
Recently, somebody has created a feature request on GitHub regarding a ADB-based network firewall implementation. From Android 13, it is possible to utilize the Berkeley Packet Filter (BPF) to cut network connections from an application. You can also do this using ADB shell or terminal with root:
cmd connectivity set-package-networking-enabled [true|false] [package-name]
The underlying implementation fetches the UID of the package name and then add the UID and rule to a BPF map for filtering the packets for the UID (for shared applications, multiple applications packages may be blocked as they share the same UID). But the issue with BPF rules is that the rules do not persist across reboot. This means you'd need to reapply the rules after restarting your device which is inconvenient. A possible solution to the problem, of course, is reapplying the rules on reboot, which again, is not convenient since ADB mode is also lost after a reboot. So, to effectively implement this feature, we need to find a way to monitor Wi-Fi connections on reboot and connect to wireless debugging automatically once the device is connected to Wi-Fi. I've already implemented a prototype last night, and it's working correctly on my test device (Pixel 9). On Android TV, ADB over TCP persists across reboots, so we may also able to do something similar on Android TVs too. After the feature become stable enough, I think it would be possible to implement BPF-based firewall for devices that support it that would persist across reboots.
IP tables based blocking and VPN-based packet filtering remain the most used filtering technology in Android due to the availability of many open source firewall tools (and closed source ones most of which are just clones of the former). However, these sort of blocking, as I've argued before, are not very effective, and from Android 12, their effectiveness has been further reduced. This has happened because Android 12 has integrated eBPF (extended BPF), and since then the internals of the AOSP has been modified to use eBPF instead of the traditional IP tables approach. If you don't know about BPF, let me explain it in simple words: BPF is a kernel-level packet filtering mechanism that has the ability to decide which packet (any data transmitted from or to the internet has to go through a few layers, packet is one of them) goes to where or which packets it needs to drop. This allows a system whitelisted program in Android to directly send/receive packets without going through the typical route used by ip tables or VPNs. This means that the vendor can arbitrarily allow their vendor (and system) apps to bypass ip tables and VPNs which is not good thing for user privacy since for these applications, all the protections (for example, anti-censorship protections) become useless. This is where the BPF rules may help. The underlying implementation of the above mentioned command modifies the BFP map albeit temporarily overriding the existing UID rules if already present. This effectively allows us to temporarily override the rules even for the whitelisted apps. But in some cases, the rules may be refreshed even without a reboot. I'm still currently investing the implementation, so I don't have the exact details.
β€87π26π₯14π5π2π₯°1π€©1
Finally, for the APK updater, I've already created a backend for it. But there are still a lot of challenges, such as effective handling of extensions and errors, what to display to the user, implementing the update policies, and so on. This will take some time and probably available for testing at the first quarter of 2026.
β€100π34π₯10π5π€©4π₯°3π2π³1
π£ Updated Website
I've created a new personal website: https://muntashir.dev
The GitHub site, muntashirakon.github.io is set to redirect to muntashir.dev. As a result, all the other GitHub pages also redirect to that website. Therefore,
muntashirakon.github.io -> muntashir.dev
muntashirakon.github.io/blog -> blog.muntashir.dev
muntashirakon.github.io/AppManager -> muntashir.dev/AppManager (for now)
muntashirakon.github.io/android-debloat-list -> adl.muntashir.dev (for easy access)
PS: If you're interested in creating a domain maximizing privacy and security, I'd recommend porkbun.com. (No, they didn't sponsor me or anything, they're often recommended in privacy communities.)
I've created a new personal website: https://muntashir.dev
The GitHub site, muntashirakon.github.io is set to redirect to muntashir.dev. As a result, all the other GitHub pages also redirect to that website. Therefore,
muntashirakon.github.io -> muntashir.dev
muntashirakon.github.io/blog -> blog.muntashir.dev
muntashirakon.github.io/AppManager -> muntashir.dev/AppManager (for now)
muntashirakon.github.io/android-debloat-list -> adl.muntashir.dev (for easy access)
PS: If you're interested in creating a domain maximizing privacy and security, I'd recommend porkbun.com. (No, they didn't sponsor me or anything, they're often recommended in privacy communities.)
β€58π29π₯4π€3π
3π₯°2
If any Linux users here, I've built a dictionary app for Linux (because it badly needed one): https://github.com/MuntashirAkon/SlobDict
See my corresponding post for more info: https://infosec.exchange/@muntashir/115761100052449325
(Yes, I switched to Linux about a week ago, and this is the very first app I've ever developed for Linux.)
See my corresponding post for more info: https://infosec.exchange/@muntashir/115761100052449325
(Yes, I switched to Linux about a week ago, and this is the very first app I've ever developed for Linux.)
GitHub
GitHub - MuntashirAkon/SlobDict: A modern, lightweight GTK 4 dictionary app for Linux
A modern, lightweight GTK 4 dictionary app for Linux - MuntashirAkon/SlobDict
β€49π15π₯9π2π2π
2π1
App Manager | CHANNEL
If any Linux users here, I've built a dictionary app for Linux (because it badly needed one): https://github.com/MuntashirAkon/SlobDict See my corresponding post for more info: https://infosec.exchange/@muntashir/115761100052449325 (Yes, I switched to Linuxβ¦
Since Windows is unusable now (even Microsoft themselves admitted it), consider switching to Linux if not already. Here's a blog post I wrote about my experiences in switching to Fedora Workstation: https://blog.muntashir.dev/2025/12/18/fedora-workstation/
Muntashirβs Blog
My New Favorite Desktop Operating System
I spent the past three days setting up my new favorite operating system, which, in my opinion, is a great replacement for both Windows and macOS from my years of experience of using, especially, the latter.
β€61π22π14π₯6π3π2π
2π₯°1
Notice.
It appears the Debug channel was reported to Telegram by someone or some people, and Telegram decided that it violated their ToS without any explanation and thus blocked the channel. I have appealed against the decision, but unsure if they will restore it. If you cannot access the channel, you can always find the latest debug builds here: https://github.com/MuntashirAkon/AMInsecureDebugBuilds
It appears the Debug channel was reported to Telegram by someone or some people, and Telegram decided that it violated their ToS without any explanation and thus blocked the channel. I have appealed against the decision, but unsure if they will restore it. If you cannot access the channel, you can always find the latest debug builds here: https://github.com/MuntashirAkon/AMInsecureDebugBuilds
GitHub
GitHub - MuntashirAkon/AMInsecureDebugBuilds: Insecure debug builds for App Manager. Updated every time changes are pushed to theβ¦
Insecure debug builds for App Manager. Updated every time changes are pushed to the App Manager repository. - MuntashirAkon/AMInsecureDebugBuilds
π±46π41π18π¨17β€11π’10π4π«‘3π€2β‘1π1
App Manager | CHANNEL
Notice. It appears the Debug channel was reported to Telegram by someone or some people, and Telegram decided that it violated their ToS without any explanation and thus blocked the channel. I have appealed against the decision, but unsure if they will restoreβ¦
I'm discontinuing support for debug builds altogether since the development has been significantly affected by my inability to allocate enough time to the project. The debug users are requested to migrate away from the debug builds as a result.
Another bad news coming in the following year: Google has been removing support for SDK 21-22 (Android Lollipop) from the core libraries. This means App Manager will eventually have to discontinue support for Android Lollipop since it heavily relies on those libraries. (If you're still using Android Lollipop, it's probably to time to finally make that upgrade.) However, I plan to support the affected users as long as possible by offering a maintenance-only version of App Manager. This version will not be receiving any new features, but it will continue to receive critical bug fixes on a yearly basis.
I'm still working on merging the translations from Weblate. After this is done, I need to update the docs and changelogs for the next release. Considering the amount of time I can allocate, I forecast that it will take one and half month more.
Another bad news coming in the following year: Google has been removing support for SDK 21-22 (Android Lollipop) from the core libraries. This means App Manager will eventually have to discontinue support for Android Lollipop since it heavily relies on those libraries. (If you're still using Android Lollipop, it's probably to time to finally make that upgrade.) However, I plan to support the affected users as long as possible by offering a maintenance-only version of App Manager. This version will not be receiving any new features, but it will continue to receive critical bug fixes on a yearly basis.
I'm still working on merging the translations from Weblate. After this is done, I need to update the docs and changelogs for the next release. Considering the amount of time I can allocate, I forecast that it will take one and half month more.
π117β€66π16π5π4π₯°3π2π2π₯1π€©1