|
|
|
|
|
|
by reactordev
159 days ago
|
|
|
You think a recruiter will be a forensic security researcher? Having document level digital signature is enough for 99% of use cases. Most software that a consumer would have respects the signature and prevents any modifications. Sure, you could manually edit the PDF to remove the document signature security and hope that the embedded JavaScript check doesn’t execute… |
|
|
Yes, most consumer software does respect what you say. But it’s easy for a minimally motivated consumer to obtain and use software which doesn’t.
However, the context we were discussing was neither a consumer nor a forensic security researcher, but a recruiter trying to do shady things with a resume. I don't expect them to be a specialist, but I do expect them to be able either to get the kind of software I just described with a security stripping feature, or else to have access to third-party software specifically targeting the recruiter market that will do the shady things - including to digitally signed PDFs like yours - without them having to know how it works.