The three classes of lie
1. Tampering lies. When a script overrides navigator.webdriver or HTMLCanvasElement.prototype.toDataURL, the replacement function no longer stringifies to [native code]. Checking Function.prototype.toString.call(fn) — and the integrity of toString itself — catches the patch. See function toString inspection.
2. Contradiction lies. The reported values disagree with each other: a Windows User-Agent with a Linux font set, navigator.platform of Win32 but a math signature from a different engine, userAgentData.mobile = true with maxTouchPoints = 0, or screen availWidth larger than width.
3. Scope lies. The most elegant: spawn a Web Worker and read navigator from inside it. Many spoofing tools only patch the main-thread navigator and forget the worker scope, so the two disagree. CreepJS leans heavily on this.
Why lie detection beats spoofing
Single-value spoofing assumes the vendor reads each signal independently. Lie detection assumes nothing and instead measures coherence. To pass, a scraper must present a fingerprint where every signal — UA, platform, fonts, canvas, WebGL renderer, math, timezone, languages, worker scope — corresponds to one real, existing device. That is why the durable approach is to run a genuine browser on genuine hardware (or a deeply patched build like Camoufox / CloakBrowser) rather than overriding properties at runtime.
You can see exactly which lies your own browser exposes — and the trust score they add up to — in the Browser Fingerprint Checker.
Building a coherent identity instead
The takeaway from lie detection is that the unit of stealth is the whole identity, not the individual field. Once a detector cross-checks the User-Agent against the JS engine math, the font set against the OS, the GPU string against the renderer, and the timezone against the IP geolocation, spoofing one value in isolation only creates a new contradiction. Every field you change has to be made consistent with every field you did not.
In practice that means starting from a real, internally consistent device profile and changing as little as possible — which is the approach managed scraping APIs and patched browsers such as Camoufox take. They present a coherent stack (engine, fonts, canvas, WebGL, headers, network) so there is no seam for the cross-checks to catch, rather than layering JavaScript overrides on top of a headless Chrome that still leaks its origin.