Making empirical decisions about web access (here in 2026)

The article argues that while attackers control most HTTP header information, web agents still emit valuable signals for access decisions. Inconsistencies in user-agent data can reveal suspicious activity, even if the data could be faked. The author advocates for empirical, thoughtful interpretation of these signals rather than dismissing all non-IP information as untrustworthy.