[fxtentacle]

I've found that it's almost never needed. Most of the "advanced AI human detection" things are glorified IP reputation systems. So you just need a few IPs that would be way too painful to block, for example US residential IPs, and you're good.

But if you really want to make sure, it's pretty easy to remote-control a cheap Android phone. Plus detection thresholds tend to be much higher on mobile, because filling out a ReCaptcha with a touch screen is just such a horrible user experience.

[jmt_]

Interesting idea leveraging a cheap Android. I wonder how difficult it would be to modify an instance of a regular headless browser in order to convince a website you're using an Android browser. Not sure if Androids just come with mobile Chrome these days or if OEM/carrier-developed type stock browsers still get shipped.

Also totally right on the IP reputation point. I saw a post on HN in the last few months of someone describing how they used a cheap mobile data plan + USB LTE modem to proxy their web scraping. I believe you get effectively treated as a residential IP (depends on the complexity of the system - if they're simply blacklisting datacenter IPs then this should work) with the additional benefit of being able to change the IP assigned to the modem easily.

[mdaniel]

> remote-control a cheap Android phone.

Any idea if the android emulator would suffice? For sure cheaper and easier to automate since rooting those can be much easier than rooting actual phones, which are usually designed against such things

[ridgered4]

Could you use some kind of android emulator for this task instead of an actual phone?

[darkpatterns]

Not if the antibot product is checking canvas and gpu render hashes. If you present a random hash instead of a well-known hash for an iPhone or flagship Android handset, that generally registers as a red flag.