Does Atom need to connect to moatpixel.com?


#1

When click Update, Atom starts downloading from moatpixel.com.
moatpixel is associated with a range of IP addresses and no recorded owner.

According to google the entire ‘moat’ entity is an ad|mal|spy|ware network with “Impression/View-Through Tracking”

Is it necessary ?


#2

I’ve never heard of moatpixel.com and I’ve never seen any code of ours that connects to it. This is where we check to see if updates are available:

And if you hit that endpoint with an old version:

https://atom.io/api/updates?version=1.5.3

You’ll see that there is no mention of “moatpixel” or even “moat”.

This begs the question, where did you download Atom from initially?


#3

Originally: https://atom.io/
I am going to do a clean install, since that’s not a service Atom uses.
I will report if it still is trying to connect to that domain.

I am getting the info from Little Snitch, which lists the connection attempts under Atom. I guess it’s also possible that something is pretending to be Atom.
But, the OS was installed on a new hard drive less than 3 weeks ago. All I have installed is development software, and Adobe CC. So, this seems unlikely.


#4

It could also be a package you installed in Atom. You may want to compare running Atom in Safe Mode to running Atom normally. To launch Safe Mode:

  1. Completely exit all instances of Atom
  2. Launch Atom with the command atom --safe

#5

is there a atom-build-in possibility to show all outgoing connections?
(and what plugin has caused them?)


#6

No, there isn’t. The Network panel in the Developer Tools will show any webpage-style requests (like if you put an img tag with a remote src in a part of the UI), but it won’t show any and all network connectivity. I’ve been monitoring Atom (various versions both from the website and built from source) as I use it with Little Snitch for the past three days. It hasn’t connected to moatpixel once.


#7

@leedohm thanks for testing and explaining what is shown!


#8

Ok. Thanks for the info. After a clean install, and adding the only 2 packages I use (minimap, open-recent) I have not had any further ‘weird’ requests being made.

I’ll probably stay on guard for a while, having no idea why little snitch reported the request in the first place. Oi.