[tux1968]

Wouldn't be surprising to find that security conscious people are more apt to alter their user agent string or have a plugin that rotates it often to counter fingerprinting. There are probably fewer genuine IE11 users than what is being detected.

[gruez]

>or have a plugin that rotates it often to counter fingerprinting

That's not going to fool any competent fingerprinting scripts. Blink/webkit/gecko have different javascript implementations so it's easy to cross-check whether your user agent header matches your "real" user agent. The only thing you're really going to fool are server side logs for user agent. If anything, using user agent spoofer is an entropy source (makes you stick out more) because most people don't spoof their user agent.

[bduerst]

Rotating the agent alone, right, but it's part of a larger set of tools usually. I don't think anyone is implying that security conscious users are only doing that.

[tux1968]

You don't have to convince me, I agree. But the fact remains i'm pretty sure it accounts for some number of the reported IE11 users.

[ukyrgf]

Which is all good in the browser, but the access logs are still going to say Internet Explorer.