I’m trying to understand the bot problem in the internet and finding more ways to defend myself. One thing that I can’t seem to understand is why most bots, scrapers and crawlers seem to have residential IPs.
- Is it that ISPs are being paid by tech-bros to assign them these IPs?
- Is it that residential devices have been hacked /contain malware that does this?
- Is it trivial for companies to assign themselves residential IPs?
- Paid volunteers are doing this for AI companies?
Or is there is some other reason for this?
Obviously this is a problem because one can rotate / cycle through residential IPs and if I aggressively block each offender in my logs permanently, then the next person assigned this IP who may be a legitimate user will be unable to access my site.
There was an article here about one of the companies doing this, basically one of the methods is having apps on people’s smart TVs or phones that scrape the web in the background and upload to a control server. So it’s a person’s genuine device in a genuine residence in some cases.
https://thehackernews.com/2026/06/free-apps-are-quietly-turning-smart-tvs.html
I remember just recently a post about a “smart” washing machine creating over 3GB of Internet traffic per day.
Iirc that was a math error on the poster’s part.
Interesting article.
That’s part of the problem. Most casual users of technology don’t know what they are saying yes to. They just want to do face swaps on sketchy apps. Even as a ‘more aware’ user, I have always considered my phone and TV to be the weakest links in my network.