Inbound Rocket tracks every visitor that comes to your site using a technique called evercookie. Every time a visitor lands on your WordPress, Inbound Rocket will check for the presence of an existing tracking cookie. If a tracking cookie doesn’t exist, Inbound Rocket spins up a unique code for that visitor and will log every page that person visitor moving forward.
Inbound Rocket cookies are set to never expire. Normally when a visitor would delete his or her cookie, or even switches browser on the computer this would result in Inbound Rocket thinking this person is a “new visitor” the next time he or she arrives on your site and assign a new tracking code.
Since we want to be able to track your visitors in the best way possible we decided to use a technique called “evercookie“.
So what is this evercookie? And why does my virus scanner warns me about it when installing your plugin?
evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.
evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.
Specifically, when creating a new cookie, it uses the following storage mechanisms when available:
- Standard HTTP Cookies
- HTTP Strict Transport Security (HSTS) Pinning
- Local Shared Objects (Flash Cookies)
- Silverlight Isolated Storage
- Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
- Storing cookies in Web History
- Storing cookies in HTTP ETags
- Storing cookies in Web cache
- window.name caching
- Internet Explorer userData storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite
- HTML5 IndexedDB
- Java JNLP PersistenceService
- Java CVE-2013-0422 exploit (applet sandbox escaping)
As you can see evercookie uses a whole lot of different items to make sure we can do the absolute best we can do to track your visitors. However, because of all these different ways of tracking some virus scanners will give a warning when trying to install Inbound Rocket. This is mostly related to the applet sandbox escaping within Java which
However, because of all these different ways of tracking some virus scanners will give a warning when trying to install Inbound Rocket. This is mostly related to the applet sandbox escaping within Java which evercookie uses.