I had another version of this at the DMV. They needed to see bills that offered proof of my residence (ie power/water/etc). Turns out they wanted them to be mailed to you, which wasn't going to work because I do paperless billing for everything. So I printed them out and tri-folded them as if it had been in an envelope.
People in front of me in line got turned away for using printed bills, but mine worked just fine.
Yes, they also do this for ID's, and for voter ID's. It's specifically created to prevent people whom don't have only 1 permanent address,with paper billing, being able to live their daily lives. I had to go to a local county courthouse 4 times to get a "realid" and to renew a driver's license. I had to call all sorts of people to get printed statements sent to me. It's incredibly ridiculous, I would call it completely contrary to the ethos of the United States, even. That as a citizen with all these forms of ID I still cannot readily operate as a citizen in my own country.
Isn't this just a consequence of inefficient government? These people don't get paid enough to care about their job to make a great experience for people. My friends working in government all say it's near impossible to get fired. It's why reasonable people try to not give more power to the government than they should.
> I had to go to a local county courthouse 4 times to get a "realid" and to renew a driver's license.
If you have a passport... no need for a "real ID" driver license.
If you don't like having to carry that big book around, other solutions include a federal passport card (USD 65) [1]. Same size, so fits in wallet. Bonus is it does not have my address on it, nor does it show what state I live in.
If you're a legal non-citizen, you can use the passport of your home country (which you're required to have in the USA, and should carry with you when you travel anyway).
Similar issue at our version of the DMV, the Traffic Department.
Had to provide proof of address and the only thing I had was the rental agreement with my landlord. But the copy I had was signed by me, but not countersigned by my landlord.
The clerk didn't want to accept it. I told him I could just walk out and fake a signature. He said that's OK and that he isn't a policeman. So I countersigned it in front of him. He paused and then accepted it.
> I told him I could just walk out and fake a signature. He said that's OK and that he isn't a policeman. So I countersigned it in front of him. He paused and then accepted it.
Well, I mean, forgery is a class C felony, at least in my state. If you had walked in with the signature on it, the clerk would have had plausible deniability. Your act of forging in front of the clerk took the plausible deniability away, making them complicit to a felony.
You're really lucky they accepted it. They had no good reason to take on that legal risk.
I was worried about this when I got my RealID in CA, but I printed stuff out and took it in. I use heavy printer paper and I printed it in color on a laser printer, so maybe that's why it worked? Who knows. This policy is just insane.
It's so insane that this is the state of things. For some documents I have to sign they have to be printed out and signed with ink, and then scanned and not taken a picture of.
Why?
This is obviously way less safe than using digital signatures, which are bound to me by SSO. Anyone could sign any document with a fake signature that looks just like mine, it would be very hard for them to do a digital signature associated with my account.
I get so much paper mail it's insane. Paper mail that I'm supposed to respond to with more paper mail.
It's intellectual laziness. Bureaucrats presume that paper, feeling more "solid" than a digital copy of something, is somehow more secure.
I've run across this many times when people use the word "best practices". The most safe thing is often breaking convention, so "best practices" becomes the unsafe thing everyone has done for years, even when it's _not_ industry standard or a good idea.
> They needed to see bills that offered proof of my residence (ie power/water/etc). Turns out they wanted them to be mailed to you,
What state? Certainly, that's neither in the Federal REAL ID requirements (more stringent than most preexisting state requirements) nor most states implementation of REAL ID (which can be narrower than what REAL ID allows.)
E.g., California, for REAL ID, requires documents (not necessarily bills, though those are among the things explicitly on the list of acceptable documents) that are printed (not necessarily mailed) and show the physical address.
I've made a couple attempts in the past to learn why proof of one's address was considered important in the REAL ID spec yet proof that is (and was in 2001) often easier to fake than obtain honestly is accepted. Each time I've come up short. Previous state IDs I got in two states did not demand any proof of my address that I can recall.
Is there a good explanation of the reasoning behind this requirement documented somewhere?
Which is crazy, because those would be trivially easy to fake.
And then REAL ID is considered as reliable as a passport (except to fly internationally, of course), so you've bumped up the level of trust a huge amount with one simple edited printout of a bill.
New York is possibly more lenient on these things, but after scrolling on the website I realized they allowed anything postmarked to you at the address. Fortunately I had just gotten a thank-you card in the mail with my name and address on it and that was accepted for 1 of 2 proofs of address for my RealID. And the second was just a form I signed that said I lived there, given to me by the DMV clerk when I was there.
I glanced at another state out of curiosity and it seemed stricter.
Get a color laser printer and print out whatever you’d like. Anybody that sees a crisp color printed paper will assume it was actually mailed to you.
Another tip if you need “proof of address” is to use any notice from your State that your license or other paperwork is expiring. They’re a government agency, the paper is printed on their letterhead, and it’s addressed to you at the address you’re already trying to establish!
If you do not have a physical address (e.g., live on a boat / in an RV), our local DMV will tell you to use the street address of a local homeless shelter.
This probably won't get you past the requirement of utility bills in your name at that address to get a "Real ID" that allows domestic flights without a passport, though.
Same thing for getting a PO box, you need a physical address first. The post office will tell you the same thing, to use the address of a homeless shelter.
The folks writing these laws do not live in vans, and do not care, nor even think about the impact of their actions on folks with alternative living arrangements / folks poorer than they are.
In many places in the US it's de-facto illegal to live in a van, in some places it's explicitly illegal. Even if the van is parked on private property it'd still be illegal to be your primary residence due to zoning. There are exceptions for RVs and boats because they have sleeping, cooking and toilet facilities (which are required to be built a certain way).
In many places your driver license is used as authoritative identification for many other things, and the assumption is that those things require this additional verification. I don't know, but I think registering to vote might be one of these things in some places (it's been a while since I registered).
If you live in a vehicle/RV it can be hard to prove residence. I've used UPS Store boxes but most places have caught on to that and don't allow it anymore. I've been told you can use a homeless shelter as the residence and a box as a mailing address but haven't tried it myself.
I really hate dealing with my printer (or any printer for that matter), so I make pretty liberal use of my drawing tablet at this point. I import the PDF into Krita, use the ballpoint pen brush, and sign. I export to PNG, then use an imagemagick script to rotate it some random number between 1-3 degrees, and add noise onto it to look like a scan.
It's a pain, but it's still less annoying than dealing with a printer.
Just a couple months ago I had a couple of forms rejected with a note “needs wet signature”
They were for a 401(k) plan I was updating RMD choices. I got the PDF form from their site, filled it out in Preview, pasted my signature PNG, and used an app on my phone to fax it(!) to their number.
Got rejected. Had to actually print the damn things and sign them with a pen, scan them again with my phone’s camera, and re-fax them.
I should probably do that. I've always hesitated because the paranoid part of me thinks they'll catch on to it being digital if I have to sign in ten different places and they see that the signature is literally identical for each one. My Krita solution, while annoying, allows for me to have a slightly different signature for each one, for each form I sign, allowing it to pass all but the most judicious level of forensics.
Granted, no one is going CSI on anything I sign. I should probably just make like ten pngs of my signature and paste those in.
When we were buying a house back in 2009 (before electronic document signatures, which are the most amazing thing ever compared with the old way) we had to sign zillions of different pieces of paperwork going back and forth while making offers and so on. I was doing most of this during the day from the office, and all the paperwork had to be signed by both me and my wife.
So what I'd do was take the PDF, paste in my wife's signature, print it out, sign it myself, then fax it over. Never had any problems.
It depends on what you're signing. My letters of authorization to my bank require a "wet signature." Scanned or photographed and emailed is fine, but they want you to print and sign, and they've sent it back to me when they can tell I've used a digital stamp.
This product looks interesting, although the idea of me entering coordinates for the stamp instead of just stamping it in a GUI is not at all appealing...
This, but with extra noise around the signature and with at least 4 unique copies, max number of times one has to sign full name a document (in my personal xp).
Whomever is going to read it and check for digital, will probably check closer on the signed pages. Also make sure the signature isn't too perfect and not too regular on the ink :)
Ditto, had it only once that they complained the signature on separate documents was identical. Well, just wrote it down a couple more times in case I run into that again.
I've seen this one, I think it was on HN about a year ago, but a lot of the forms I've been signing in the last year have been stuff containing a fair amount of personal information (e.g. wife's immigration stuff, refinancing a house, banking annoyances, etc.). I can't really audit the code for an online service, and I find it unlikely that either Krita or ImageMagick are sending this information externally, considering both seem to work fine even without an internet connection.
EDIT: Clicking on it, I see the source code is available. If I can run it on my local box then this might be a little less nasty than mucking with the `convert` command.
Years ago I user a good blue Ball pen and signed in a blank paper. I scanned this in high resolution, cropped, fattened the lines, removed background and saved it as a transparent PNG.
I added this PNG as a stamp to my favourite PDF software and have signed many many documents.
The thing to remember is to flatten comments after I stamped my signature onto the document.
I've signed and returned almost everything requiring a signature for years this way, you can even have multiple signatures (helpful when you need spouse to sign something too...) in Preview to speed up dealing with these kind of tasks. I've never once been asked to sign it with a pen instead, even for relatively complex transactions like houses/cars.
Because Preview lets you draw the signature using the TrackPad and a finger, I've had no difficulty making a very convincing replica of my actual signature in Preview.
While the linked tool may "look" more convincing with fake photocopy marks etc, for just signatures its not been necessary to go beyond Preview for me ever. In the US so much business is conducted on paperfree platforms like DocuSign etc that I don't think many people even notice the fact the signature is digital anymore, given platforms like DocuSign do more or less the same thing.
I had passport photos rejected due to my eyes being too shaded or something. One eye seemed a little darker according to the error messages. I tried taking new photos, including ones from I paid for (done at a pharamacy) and still failed.
In Preview I copied one eye and put it over my troubled eye, reversed. It worked.
I’ve been though face detection systems in various countries (US, UK, France) and I seem to get through ok.
I knew that, and I do run macOS, but the signature always looks "digital" to me. It's not bad, but with Krita and it's pen or pencil brushes, in combination with a decent drawing tablet (well, as decent as a Huion screen tablet is) with a pressure-sensitive pen, I can get something that looks outright indistinguishable to a physical signature.
I have a shell script based on ImageMagick that gives a PDF a "scanner" look. I typically open the PDF in Master PDF Editor to insert an image of my signature, then pass it through my script. When I do need it, it's rare, but it becomes a real life saver. It has avoided me the need to print and scan 100+ pages for a mortgage company, some stock brokers and banks. Key points of the script:
"+noise Random -fill white -colorize 95%" to add some noise to the image
"-distort ScaleRotateTranslate '$x,$y $angle'" to randomly shift horizontally and vertically the document, and randomly rotate it slightly
"-density 150" for a low-ish resolution so it better hides the fact the PDF wasn't really scanned
"-colorspace Gray" to make it black & white
"-quality 60" to increase JPG compression and somewhat reduce picture quality
#!/bin/bash
# Make a pdf look like it was scanned.
if [ $# -ne 2 ]; then
echo "Usage: $0 input output" >&2
exit 1
fi
tmp="$1".scanner-look.tmp
mkdir "$tmp" &&
# without -flatten some PDF convert to a JPG with a black background
convert -density 150 "$1" -colorspace Gray -quality 60 -flatten "$tmp"/p_in.jpg &&
: || exit 1
# each page is randomly shifted in the X and Y plane.
# units seem to depend on angle of rotation in ScaleRotateTranslate?
offset() { echo $(($RANDOM % 1000)); }
for f in "$tmp"/p_in*jpg; do
# each page is randomly rotated by [-0.5 .. 0.5[ degrees
angle=$(python -c 'import random; print(random.random()-0.5)')
x=$(offset)
y=$(offset)
convert "$f" \
-blur 0x0.5 \
-distort ScaleRotateTranslate "$x,$y $angle" +repage \
\( +clone +noise Random -fill white -colorize 95% \) \
-compose darken \
-composite \
${f/p_in/p_out}.pdf || exit 1
done
# concatenate all the pages to one PDF
# use "ls -v" to order files correctly (p_out-X.jpg where X is 0 1 2 ... 9 10 11 ...)
pdftk $(ls -v "$tmp"/p_out*.pdf) cat output "$2" &&
rm -rf "$tmp"
I have a script for the same purpose too, but I prefer a black-and-white 1-bit palette for that fax look. Here's my version -- note that it uses graphicsmagick, img2pdf, optipng, and pdftk. Also enforces A4 so some of you may want to change that. For fun it's doing the page processing in parallel to speed up a bit with large documents.
#!/bin/bash
# Adds a bad scanning effect to PDF files.
if [ $# -ne 2 ]; then
echo 1>&2 "Usage: $0 input.pdf output.pdf"
exit 3
fi
convertPage() {
# PDF filename in first parameter, page in second
file=$1
page=$(($2-1))
png=$(printf "pdf2scan-page-%05d.png" $2)
# Convert PDF page to black and white PNG
gm convert -density 300 "$file"[$page] +dither -rotate 0.35 +noise Gaussian -type bilevel -fill white -fuzz 90% -colors 2 $png
# Optimize PNG
optipng -silent $png
}
export -f convertPage
# Read number of pages
pages=$(pdftk "$1" dump_data | grep NumberOfPages | sed 's/[^0-9]*//')
# Loop through pages and convert in parallel
for i in $(seq 1 $pages)
do
echo "$1":::$i
done | parallel --eta --colsep ':::' convertPage {1} {2}
# Create PDF from PNGs
img2pdf -o "$2" --producer "" --pagesize A4 pdf2scan-page-*.png
# Remove temporary files
rm pdf2scan-page*
For a cleaner 1-bit look without noise and rotation, use "gm convert -density 300 "$file"[$page] +dither -colors 2 -type bilevel -fill white -fuzz 40% $png".
Kind-of-related: I'm wondering if anyone can help me find a website I found a long time ago (probably through StumbleUpon, if that tells you anything about how long ago)
It was a "government document simulator." What you would do is upload a nicely scanned document, and it'd give you back a mis-alighed, crappy quality "scan" of that document, with random blotches and other visual noise. You know, like regular government/FOIA-received documents.
I feel like this is halfway there, if not more (so thank you!), but that website was so authentic.
I don't know if it's even around, but it made me giggle, and I'd like to find it again. If not--great startup idea!
"-flatten" results in all PDF pages being rendered into a 1 page PDF output. If "-flatten" is removed, I get a multi-page PDF output as expected. Thoughts?
EDIT: "-flatten" does what it is supposed to. Delete if operating on multipage PDF.
Weird. I could swear "-flatten" didn't behave like this years ago when I last used my script. But maybe I am misremember...
Edit: haha! The "-flatten" needs to be replaced with "-alpha flatten". This way, multi-page documents are still handled correctly, and alpha transparency is also handled correctly. I just tried on this sample file with transparent images: https://tcpdf.org/files/examples/example_042.pdf
Though personally I just use something like Xournal++ to edit the PDF (add text, add a signature image, etc.) and then use the following command to "fake scan it":
I don't even bother with making it look like scanned. Just adding a png signature with Xournal and that's it. Mostly government requests it so they never cared enough to complain.
> For bureaucratic reasons, a colleague of mine had to print, sign, scan and send by email a high number of pages. To save trees, ink, time, and to stick it to the bureaucrats, I wrote this script.
Don't know about different Jurisdictions, but from where I am - this has NO legal binding whatsoever. We have those gov issued digital, invisible signatures for that, embedded in our personal ID card. Whatever is properly signed with digital signature, the printed out page bears no legal force.
Anyway, businesses still like to do it this way ("Signing" pdf by applying some pixels). I wonder if it is just an inconvenience to overcome both for businesses and consumers that just write this off and don't bother that it is such a weak binding. It is like some dirty workaround/hack to put those silly signatures on digital documents to get stuff done.
In the US, the Uniform Electronic Transactions Act, passed by most states, clarifies that basically any sound or symbol or process is a valid electronic signature. This is in line with general contract law, under which any manifestation, written or verbal or even non-verbal, that would reasonably be understood as assent, is sufficient to form a contract. Of course, if you want a court to enforce that contract, you're going to have to prove that the other party did provide assent.
I don't know where you are at, but I know for a fact that a scan of a signed document is binding in the EU. As far as I understand it doesn't even have to be a scanned document, you can sing a digital document by adding an image of your signature or just using your finger and a touchscreen.
In the US from what I read[1] the situation is pretty much the same a scan of a signed document is binding as well as non cryptographic electronic signatures.
I don't know where you live but in the EU eIDAS regulation sees a scanned document as a Simple Electronic Signature (SES). This is the most basic possible form of signing which is accepted.
So within the EU a scanned document is valid though the law does say the method used needs to be proportional to whats at stake.
I've noticed that the court documents issued by civil courts in Turkey have electronic signatures with signed hashes for each of the signatories (judge, clerk and all else) in every document. To make people not freak out, they seem to have also added a PNG image of a slightly smeared generic wet-ink looking signature above the hash so it looks real on first sight. But if you look closely the signatures are all the same, and the signature says e-imza (e-signature) in cursive. Heh.
Another cool thing, the whole document itself does have a hash where you can go to the website of the ministry of justice and input the hash to verify the document. It was unexpectedly neat.
Comments in this sub-thread need to distinguish between two dimensions to a signature: is it capable of legally binding the signatory? In most cases, any format will do. Is it going to be easy to enforce (I.e., to prove it was you that signed, and not your dog headbutting your mouse?) That's a damn sight harder, and many forms of (legally valid!) E-signature might not be accepted for that reason. Depends how much assurance is needed in the circumstances.
When companies ask for signatures to be done in a certain way, it’s often not because those things are a requirement to be a valid contract under the law, but because they want more evidence to support them should the contract be brought into question in court.
You could theoretically, in some cases, run a business on nothing but verbal contracts, but you would be foolish to do so because you’d have difficulty proving anything if it were disputed.
Yup, there was a literal act of congress that made e-signatures legally valid but it's not worth arguing with anyone who asks for an "ink" signature ime.
Same here. Real signatures on paper as well as cryptographic signatures are legally binding. Pasting a picture onto a PDF isn't but nobody wants to deal with the bureaucracy so they do it anyway. Getting a cryptographic token you can use to legally sign things is such a bureaucratic nightmare too, nobody wants to do it, including myself and I really like this stuff.
This sounds really unlikely. Does your country also not honor any sort of verbal contracts?
Would a business agreement concluded over email not be binding? Can you get away with fraud by just tricking people into agreeing to use docusign?
If (not cryptographically) esigned contracts are not binding in your country, how does that not cripple law enforcements ability to combat fraud involving such contracts?
If I sell you a car and we use a contract like this, do I then get to keep both the car and the money? If not, how is that contract not binding?
Same over here! Only difference is that with our IDs/certs you usually have a visible cert block on the PDFs. You can get it to be invisible somehow, but that's a bit of a hassle.
But yes, anything that's not a proper digital signature might as well just be a random png pasted into a pdf. No legal binding power whatsoever.
For the software they provide us to sign documents, there is a checkbox when I sign PDF files - whether I want some overlay that indicated that it is digitally signed or not. Thats probably the user friendly part of digital signatures :)
Having moved from Germany to Austria I was pleasantly surprised that they have a functional national ID system that you can use to sign PDFs with a qualified electronic signature. Within Austria, they have been accepted everywhere so far.
Usually sending them the following helps them be less stubborn:
> Gemäß Artikel 25 eIDAS-Verordnung hat eine qualifizierte elektronische Signatur die gleiche Rechtswirkung wie eine handschriftliche Unterschriftund wird in allen Mitgliedstaaten anerkannt.
Doesn't work always, but the times it doesn't I usually find a competitor that does prove to be more cooperative pretty easily!
For a project that you can use to actually sign (electronically of course) a PDF file or verify that a PDF file has a proper signature take a look a this:
It uses org.bouncycastle and apache pdfbox and is completely open source. I'd be happy to help anybody that wants to use it in his organization!
We use it sucessfully in my organization (public sector in Greece) for some years; notice that to be able to sign you need to have a proper certificate for your organization.
Nice, but from my experience people don't know digitally signed PDF. They want paper with wet signatures or looking like wet signatures.
On the other end of the scale I have seen pdfs signed with self created certificates or signed by mouse movement.
Yes, and in some contexts people seem to recognize digitally signed PDFs only when they “officially” processed by DocuSign, HelloSign, or a similar professional service.
Oh my goodness, I have dealt with a pedantic bureaucrat who rejected my signed PDF and insisted on the hand signature hahaha. So I printed the document out with my digital signature pasted twice, one below the other, and added a couple sharpie smudges to the bottom one before scanning to quietly “insist back” that there’s no difference between my manual and digital one. Regardless, The automaton was satisfied!
Preview has to be one of the most under-appreciated apps on MacOS. It implements so much handy everyday functionality that requires third-party software on Windows. Or did, last time I used Windows (admittedly some time ago).
On feature that I use a lot in Preview is to combine pdf's.
If you e.g. have a pdf invoice and want to combine that with the corresponding pdf receipt from the bank, I just open the two pdf files side by side in thumbnail view and just drag the pages (thumbnails) I want from one document to the other where I want to place them; rearranging the pages (thumbnails) later if I need to in the same thumbnail view. I am a huge fan of Preview! :-)
I love the integration with iOS as well. I was pleasantly surprised to find an option in Preview to use my iPad and the Apple Pencil for my signature. It even popped up some otherwise hidden UI on the iPad to do so.
Preview has an odd selection of functions, though. On one hand it allows you to do plenty of these functions that you mention, but otoh misses on very trivial stuff like "I'd like to make my image a bit larger so I could paste another one next to it".
on windows i find myself bouncing around a lot between pdf viewers, choosing between lightweight but feature sparse options (sumatra) and heavier, more featured programs (acrobat, foxit)
I always use Preview to "sign" documents due to a lack of a scanner, but I've found in some cases, companies refuse to accept the document because they think it's not actually printed, signed with a pen, and then scanned...
Tools like this will skew and degrade the image in a similar way to a scanner so that it fits this ridiculous requirement
Have you tried signing a piece of paper with a pen and using Preview’s signature scan feature? It creates a very realistic looking signature in my opinion.
Same. You don't need a camera, you can doodle a signature with a mouse and it's fine. I bought a house this way with no trouble.
It's funny to me to look at a company like DocuSign whose shares surged early on the in the pandemic because they expected a dramatic increase in need for digital signatures and then the price crashed when it turns out that signatures aren't actually useful and we can just live without them.
This issue this app attempts to solve is companies that insist on a scanned "wet" signature, and will send it back if it looks like you just pasted in your signature stamp.
I think the author of this tool is totally missing the point of the print/sign/scan legal hoop that one sometimes has to jump through. The law sometimes requires certain documents to be "in writing" and there is, unfortunately, a legal tradition tied to this that "in writing" means "physically on paper", which many lawmakers and bureaucrats unfortunately haven't managed to properly transition into the digital age.
However something that is quite a separate matter is the question of whether one needs to actually be in possession of that piece of paper. A scan of an original serves as proof that the original exists. ...and this is usually all that anyone requires for practical intents and purposes.
But: You're not supposed to do print/sign/scan, and then just throw away the original. You're kind of supposed to keep it in case you're ever asked by a court to produce it. The document partially loses its forensic value if no original can be produced.
If that's the point, why does nobody ever say to keep the original?
If the counterparty needs it, why don't they request you sign two copies and send them one? The idea that they would later want it for forensic evidence that you really did sign it seems odd: if it's in their benefit and you wanted it to not exist, and you're the one possessing that original copy... you can make it not exist.
I guess, when such administrative procedures are decided, then the kinds of considerations that go into it have to do with whether the document is more to your advantage or more to theirs. In a high stakes situation where the document is to their advantage (like you sign an employment agreement), they routinely will insist on having a signed original rather than just a copy or scan. In situations where the costs of dealing with paper originals outweigh the potential benefits, they might well not insist on having paper originals.
But, to come at it from the other side: If you want to make sure you can actually rely on the document in court, it's probably a good idea to keep originals and definitely a bad idea to use this FalsiScan tool.
The lowly-paid administrator who deals with you might not be able to detect the FalsiScan that you submit. But if something goes to court and it benefits them to undermine the forensic value of the document, then you might well find yourself faced with a digital forensics expert proving to the court that the document came from this FalsiScan tool. This opens the possibility that, for example, a third party with access to your computer that contains all the digital assets to create FalsiScans (like a scan of your signature) could have created the PDF.
It's not obvious that you would want to respond to that by saying "but I definitely definitely did use FalsiScan myself, meaning the PDF to represent my signature on the document".
If the other party can make it look like you purposefully sent something that would make it past their administrative procedures but would have questionable forensic value so that you could later have it thrown out in court, then you can no longer rely on the document yourself and could even be liable to damages that resulted from their relying on it.
If they can clear a slightly higher burden of proof in the general direction of fraud, they could even come after you criminally: Fraudulent creation of digital assets of forensic value (like scans of paper documents) is a criminal offence. -- At least in Germany; I don't know U.S. law that well.
That also applies to your original suggestion about making a document not exist whenever it serves your purpose for the document to not exist. ...that too is kind of a criminally relevant thing that you probably don't want to do.
I hate PDF's with a passion. Not once have I ever wanted to use one. All the pinching and zooming, such a waste of time. I'm giving this a shot next time I need one, the whole scanner thing needs to go. Are we stuck in the 90's?
Just bought another rental and it was an ordeal trying to find a scanner. Tried the college near me, was denied as you have to be a student. The library is closed down apparently. FedEx didn't have one. The one at the Office Depot was broken. I ended up driving 30 miles to a friends house to use theirs, which required driver upgrades since nobody had used it in a year. I don't understand the point of jumping through all these hoops.
I feel the same with credit card signatures, completely useless and has never once helped me with identity theft or fraudulent transactions. Now I just draw a horizontal line or smiley face.
If you have a basic handle on a GUI Bitmap editor such as Photoshop or GIMP, and you have a hi-resolution phone, you can just take a photo of the sheet as parallel as you can manage and then create a document that is the same dimensions and then use the warp tool to fit the likely skewed photograph to the exact digital document.
When is the last time you had to pinch and zoom on a website? Text can reflow perfectly well, if you give the renderer the necessary information. With PDF, similar to PNG, you're specifically telling the renderer to put this pixel exactly over there and nowhere else, so it cannot nicely make it all be readable comfortably.
If mobile devices required zooming and panning to read anything, they'd not be popular at all, so they're apparently not where the problem lies.
Smart phone scanning apps are incredible. I’ve ditched a flatbed years ago and solely rely on my iPhone. It works like magic. The quality is good-to-great, and it fits well with my workflow. Worth the ten bucks or so investment.
Don't even need to spend $10 — the scanning is built into iOS, you can get to it from the Files or the Notes app, or even from your Mac (right-click somewhere and "Import from iPhone or iPad").
I was told by a convenience store clerk that it's best to simply write "SEE ID" in place of a credit card signature. In the event the card is stolen, or there is some doubt as to its user, perhaps the criminal would be stupid enough to actually show their ID.
I recently learned that a cryptographic signing operation on a PDF is more or less bogus due to the complexity of the format. Every once in a while some researchers take a look and find a bunch of new ways to forge such things. I guess the root problem is that you end up signing a whole whack of stuff that you don't see or understand. That isn't ever going to work. I think that in practice you can only sign plain text if you want it to be secure.
So this really isn't any worse than the alternatives, at least for PDFs...
IANAL, but this depends on the jurisdiction. In some places (e.g. Ontario, Canada), e-signatures are fine; often this is because the law explicitly says they have the same effect as a "wet" signature. In this case, "looking real" doesn't enter into it.
In others (e.g. Denmark), you don't even need to sign - merely stating your intent to accept a contract, and having a clear record of that intention, is enough. In this case, again, "looking real" is a non-issue; you can even send an email in some cases.
In yet others, you will definitely be asked for a "wet" signature, and a digital signature is not considered legally acceptable. Here looking real could matter; if your signature is obviously non-physical, it may be refused.
This also varies by situation. In some places, banks want to see a wet signature, _and_ will compare it with an existing wet signature they have on file. In this case, it very much matters how real it looks, where "real" means "matches this other real signature". (Does this make sense? Arguably no, but that's the way it currently is.)
Singapore has this halfway thing which means some documents can be e-signed (purchase orders) but more “serious” documents like lease agreements need a wet signature.
I had to look it up when doing deals with someone in Japan, and Wikipedia (iirc) told me that specifically in Japan just scribbling over the pdf via the touchpad is not a legal thing—you have to do the paper dance. Judging from the comments here, France also doesn't encourage all-digital laziness.
And that raises the question for those of us that had to sign a bunch of documents when things were locked down: What purpose does the signature serve? It was a constant hassle that wasted a bunch of my time, and it ultimately was not a signature.
Yup, I just "sign" in Acrobat Reader using a signature image I scanned a long time ago, which should be pretty obvious to most people what I've done. But nobody ever complains.
I use gimp for this. One layer the imported pdf, the next with my scanned signature from ... 1998? Position, scale to 1024 or so, export grayscale jpg with enough compression to create artifacts, done. The poorer quality the better, tends to make it seem more "legitimate."
I think I have witnessed the apogee of bureaucratic obsessions with printing and signing. I sent an email to what is similar to the IRS in my country and they answered by typing up the answer, printing it, signing and stamping it, scanning it and attaching it to the reply in my email.
I send "fax" via https://epost.de which is incredibly useful public authorities. You upload a PDF and they print it and send it as snailmail. Since they verify your identity, it has the legal status of a fax (is my understanding).
A similar absurdity is that most legal documents filed with the courts in the USA now use "conformed signatures" which means you just type your name and put /s/ next to it. That means you pretend you have a "wet signed" document somewhere to back it up, but in reality no lawyer is doing this.
I know its open source, but do we really want to upload a (maybe sensitive) pdf to an unknown server? Because people will, when its in the form of a website.
I had to do this! It was a 3-4 page document and I thought printing and scanning was stupid, but did it anyway. Naturally I only printed and scanned the last page with the signature on it. They rejected it saying I had to print and scan the entire document!
I would be very tempted to use something like this next time, however I have a feeling that the same people who think this is sane would accuse you of fraud if they ever found out. Not sure if it's worth it.
I've done this sort of thing often (and more quick&dirty) and nobody had an issue with it yet. Just put a good quality signature on the doc and then export the whole thing as fairly low quality. Making the signature blue and the rest of the document black and white probably also helps. But I never even needed that much.
I vaguely recall hearing a while ago that it may be counted as a forgery if you copy and paste your own signature that way. These days it even happens that you can simply type your name as a signature, but it's quite hard to be sure what's okay and what's potentially a crime with these bureaucracies. But for a tool like that, it might be useful to write down in which jurisdictions it's certainly okay (or not) to use.
IANAL. Wikipedia, "Forgery is a white-collar crime that generally refers to the false making or material alteration of a legal instrument with the specific intent to defraud anyone (other than themself)."
Another comment: I completely love PDF exchange editor. Used their free version for years and finally paid for it which I should have done a long time ago.
Don't most PDF reader software (Adobe or otherwise) have the functionality to let you imprint a signature onto a PDF file and save it as a new file? You'd have to set up your signature (likely by scanning it) the first time, but once it's done, you can "sign" PDF documents with by clicking a couple buttons. I've done that for a ton of documents by now and have never heard a complaint.
Yeah but they don't accept that. They literally make you print out, sign in ink then scan back in and reject it if they detect you haven't done that properly.
This could go a lot further. I once did something similar with a rubberstamp image taken from the web, replaced some of the on-a-curve text in the GIMP, applied various filters to make the seal look like it was stamped on unevenly, and composited it over the page. Did the trick.
Would be neat to have this take a rubberstamp image and do all that work too.
When I moved to Australia I needed to get some documents (uni degree, work experience etc) verified by the Australian Computer Society. They required me to get a notarized copy of the original and SCAN the notarized copy, to be uploaded electronically. To this date I've yet to come across anything more stupid than this....
Heh I had to make a version of this for myself. I had a vendor that required a "wet signature" for a document, so I took the PDF, added my digital signature, exported it to JPEG, and then used a command line tool to rotate the image 1% left and then 3% right so it looked like I scanned it a little crooked.
Does anyone know of a good PDF-editor (with ability to alter OCR'd text) for Linux? Editing pdfs (I know, I know, pdfs are not meant to be edited) on Linux is huge PITA, and LibreOffice Draw/Write do not cut it for me, so I have to resort to Adobe Acrobat from dualbooted Windows.
I used to use tools like these but then I wondered - why do I "need" to make an image look scanned? Why do I have to add all this noise to the image before sending it over? Why can't I just take a photo of whatever I need to send and leave it at that?
If you have a PDF editor that can save a PDF/A (archive PDF), it'll convert the whole document into an image. So, I just paste in my signature and export as a PDF/A and from their perspective it's just a single image like it was scanned.
Would be nice if one could add some stego-like features to the inserted signature img so that if lifted it would be detectable in a new pdf. Obviously the savy forger could circumvent it pretty easily but the lazy screenshooting crook would not notice.
I used my remarkable tablet to sign something once and it got rejected for looking too good. Had to print, sign, and scan with phone app to pass the must look crappy approval process.
Nice to see so many similar minds around. Of course I also have my procedure. Mostly gimp.
My signature image has transparent background, so it can be put upon the signature line.
Favourite part has to be where you can have a list of signatures to randomly choose from. I assume it was done so that not all signs look same and robotic ?
If you have MacOS, open the PDF with "Preview" and you can add your scanned signature using
Tools->Annotate->Signature
You can have multiple signatures ready to use (see Annotate->Manage Signatures), e.g. multiple variations of yours, so they don't look all the same when signing a doc multiple times.
When including a signature you can position and resize it, e.g. to adjust for layout, font size, etc.
Whenever I had to do this, I inserted my signature, that have saved as image file, with LibreOffice Draw and then used an ImageMagick one-liner to make it look scanned. A script automating this is welcome.
Signing documents with visual signatures instead of cryptographic ones is already extremely archaic, but having to make them look like being signed by hand is absurdly so.
I have, in the past but not recently, run into situations where I need to visually sign something, and the form was rejected when I digitally signed it with MacOS Preview because they required the form be printed, signed, and re-scanned.
The primary use case is addressing situations where wet ink signatures are required by a party to a transaction without having to print, sign, and scan a document.
Yes, it is an odd combination of legacy (sometimes regulatory) requirements and modern technology, but there are numerous situations where only wet ink signatures are accepted, and “digital signatures” are not accepted—even though the document is stored in a digital format.
Wet ink signatures are most commonly required in finance / investment / banking transactions. They are sometimes required for B2B transactions. While not as common in the US as in other countries, you can also run into requirements where documents must be signed via wet ink signature under seal (or stamp). Scanning a document with a signature line that has been embossed with a company seal looks somewhat comical and arguably legible (especially if the scan is done with a feed-through scanner) but is required to get business done sometimes.
> For bureaucratic reasons, a colleague of mine had to print, sign, scan and send by email a high number of pages. To save trees, ink, time, and to stick it to the bureaucrats, I wrote this script
Heh. Probably unnecessary to make it look like it was put in the scanner misaligned. Just scan the signature itself and past that image onto the image of the document.
Meh. That really doesn’t always look very legit. Especially if you can “select” all the text, and when you select the signature you see a nice box around it. It’s then too obvious it was added as an image.
I don’t disagree that the whole “signing and scanning” is dumb, though.
Am i the only one who finds the current state of signing documents to be a bit incomplete, inconsistent and all over the place?
For historical reasons, we still need to allow signing things by hand, which has a number of challenges in proving the authenticity of any such signature and preventing falsification of signatures (especially if you don't have the original document with the ink but rather a scanned copy).
Then, there are digital signatures, though instead of one large standard for all of the world, we have a whole bunch of regional ones. For example, in Latvia we have eParaksts (translates to "eSignature"): https://www.eparaksts.lv/en/
It is a largely commercial venture, which allows signing documents with either data in the chip that's embedded in our national ID, or i guess mobile solutions as well and also gives you the ability to verify these arbitrary documents in a centralized manner as well. The good thing here is that it supports signing arbitrary documents and storing them in an .edoc container or even embedding the signature inside of PDFs or whatever, but it still feels very regional, is still centralized and most of the software for reading PDFs directly doesn't recognize their CA or intermediate certs as trusted and therefore gives you errors, so you need to do verification on their site.
But what happens when you need to somehow indicate within a document that you're signing it digitally? You just put the text: "THIS DOCUMENT IS SIGNED WITH AN ELECTRONIC SIGNATURE AND A TIMESTAMP" in text at the bottom, which seems silly and doesn't really mean anything - how are you supposed to examine that if you ever need to print it? Furthermore, this kind of locks you in to using the .edoc container and keeping it around and perhaps even think about how to quickly get and display its contents. Sure, they have desktop software for that, but it's not like you can automate that super easily (not saying that working with digitally signed PDFs is a walk in the park, either).
In some parts of the world, an electronic signature just means taking a JPEG (or an equivalent) of your signature and embedding it in a particular spot of your PDF or whatever, which is plain nonsense in my eyes - sure, it looks pretty, but there's no actual cryptographic protection or benefit to doing so, since it's laughably easy to reproduce by anyone who wants to fake your signature. It actually surprised me when digitally signing a PDF came up as a Linux challenge on Linus Tech Tips and Luke thought that this approach is what was intended (whereas Linus interpreted it more or less correctly but searched for the wrong thing, more or less): https://www.youtube.com/watch?v=TtsglXhbxno&t=257s
So, here's my questions to all of you, maybe you have some thoughts to share:
- why don't we have one centralized format of signing any and all pieces of data, with a focus on documents? (think GPG but actually used and internationally recognized)?
- why don't we have one centralized, yet distributed CA infrastructure with intermediate certificates by country and then further nodes for each institution with people's certs being the leaf nodes, so that we can validate any signature globally?
- why don't we have a format that involves representing this data both in digital and printed form, say, when you want to print a document, it essentially gives you this picture of your signature with a QR code besides it, that either involves enough information to validate this signature (be it crypto data or just an URL in the case of a web based solution), as well as the parsing logic to go the other way when scanning signed documents?
- how did we get to the point where the above is not our current reality? why didn't document signing ever get the love that something like SSL/TLS did?
- any ideas on how these things could possibly be improved? thoughts on fully decentralized solution (everyone has a private/public key) vs something that holds one's hands more and provides an easy to use interface or even lets you sign things on your behalf (e.g. like eSignature), ideally behind 2FA?
- could any such initiative ever be fully free and open source, possibly subsidized by the governments of the world? i mean, (almost) everyone has a pen, but not everyone should pay for DocuSign or whatever, right?
Hey Gitlab, could you consider adding the following CSS so that README images don't break out of their containers? Having to horizontally scroll to see this image is brutal.
You’d want to pair that with `height: auto`, or else it’ll damage the aspect ratio of images that specify width and height attributes (which you always should).
Image in question is missing those values. I personally think README images should be be lazyloaded (making those inlined aspect ratios important) but I guess that's down to the maintainer.
I had another version of this at the DMV. They needed to see bills that offered proof of my residence (ie power/water/etc). Turns out they wanted them to be mailed to you, which wasn't going to work because I do paperless billing for everything. So I printed them out and tri-folded them as if it had been in an envelope.
People in front of me in line got turned away for using printed bills, but mine worked just fine.
Yes, they also do this for ID's, and for voter ID's. It's specifically created to prevent people whom don't have only 1 permanent address,with paper billing, being able to live their daily lives. I had to go to a local county courthouse 4 times to get a "realid" and to renew a driver's license. I had to call all sorts of people to get printed statements sent to me. It's incredibly ridiculous, I would call it completely contrary to the ethos of the United States, even. That as a citizen with all these forms of ID I still cannot readily operate as a citizen in my own country.
It's also designed to make sure that poorer people who don't have stable, permanent housing have a tough time
53 replies →
The point is to authenticate residency, and while it’s not a great system, there also isn’t any better alternatives.
51 replies →
As a counterpoint, I had no problem using a printed cell phone bill as evidence of residency at a California DMV.
1 reply →
Isn't this just a consequence of inefficient government? These people don't get paid enough to care about their job to make a great experience for people. My friends working in government all say it's near impossible to get fired. It's why reasonable people try to not give more power to the government than they should.
I and my son both got RealIDs in California this year with printed bills after submitting the PDF versions online without any problem.
> I had to go to a local county courthouse 4 times to get a "realid" and to renew a driver's license.
If you have a passport... no need for a "real ID" driver license.
If you don't like having to carry that big book around, other solutions include a federal passport card (USD 65) [1]. Same size, so fits in wallet. Bonus is it does not have my address on it, nor does it show what state I live in.
If you're a legal non-citizen, you can use the passport of your home country (which you're required to have in the USA, and should carry with you when you travel anyway).
[1] https://travel.state.gov/content/travel/en/passports/need-pa...
Similar issue at our version of the DMV, the Traffic Department.
Had to provide proof of address and the only thing I had was the rental agreement with my landlord. But the copy I had was signed by me, but not countersigned by my landlord.
The clerk didn't want to accept it. I told him I could just walk out and fake a signature. He said that's OK and that he isn't a policeman. So I countersigned it in front of him. He paused and then accepted it.
> I told him I could just walk out and fake a signature. He said that's OK and that he isn't a policeman. So I countersigned it in front of him. He paused and then accepted it.
Well, I mean, forgery is a class C felony, at least in my state. If you had walked in with the signature on it, the clerk would have had plausible deniability. Your act of forging in front of the clerk took the plausible deniability away, making them complicit to a felony.
You're really lucky they accepted it. They had no good reason to take on that legal risk.
1 reply →
I was worried about this when I got my RealID in CA, but I printed stuff out and took it in. I use heavy printer paper and I printed it in color on a laser printer, so maybe that's why it worked? Who knows. This policy is just insane.
"That's a note, right? You should fold it."[1]
[1]https://youtu.be/ppunAo8ckBc?t=174
It's so insane that this is the state of things. For some documents I have to sign they have to be printed out and signed with ink, and then scanned and not taken a picture of.
Why?
This is obviously way less safe than using digital signatures, which are bound to me by SSO. Anyone could sign any document with a fake signature that looks just like mine, it would be very hard for them to do a digital signature associated with my account.
I get so much paper mail it's insane. Paper mail that I'm supposed to respond to with more paper mail.
Fuck that.
It's intellectual laziness. Bureaucrats presume that paper, feeling more "solid" than a digital copy of something, is somehow more secure.
I've run across this many times when people use the word "best practices". The most safe thing is often breaking convention, so "best practices" becomes the unsafe thing everyone has done for years, even when it's _not_ industry standard or a good idea.
> They needed to see bills that offered proof of my residence (ie power/water/etc). Turns out they wanted them to be mailed to you,
What state? Certainly, that's neither in the Federal REAL ID requirements (more stringent than most preexisting state requirements) nor most states implementation of REAL ID (which can be narrower than what REAL ID allows.)
E.g., California, for REAL ID, requires documents (not necessarily bills, though those are among the things explicitly on the list of acceptable documents) that are printed (not necessarily mailed) and show the physical address.
I've made a couple attempts in the past to learn why proof of one's address was considered important in the REAL ID spec yet proof that is (and was in 2001) often easier to fake than obtain honestly is accepted. Each time I've come up short. Previous state IDs I got in two states did not demand any proof of my address that I can recall.
Is there a good explanation of the reasoning behind this requirement documented somewhere?
I would bet entire dollars it was some local person's interpretation of the requirements, rather than anything intentional at the legislative level.
Which is crazy, because those would be trivially easy to fake.
And then REAL ID is considered as reliable as a passport (except to fly internationally, of course), so you've bumped up the level of trust a huge amount with one simple edited printout of a bill.
1 reply →
New York is possibly more lenient on these things, but after scrolling on the website I realized they allowed anything postmarked to you at the address. Fortunately I had just gotten a thank-you card in the mail with my name and address on it and that was accepted for 1 of 2 proofs of address for my RealID. And the second was just a form I signed that said I lived there, given to me by the DMV clerk when I was there.
I glanced at another state out of curiosity and it seemed stricter.
Get a color laser printer and print out whatever you’d like. Anybody that sees a crisp color printed paper will assume it was actually mailed to you.
Another tip if you need “proof of address” is to use any notice from your State that your license or other paperwork is expiring. They’re a government agency, the paper is printed on their letterhead, and it’s addressed to you at the address you’re already trying to establish!
Love this.
Also why does the DMV need a proof of residence? What if you live in a van?
If you do not have a physical address (e.g., live on a boat / in an RV), our local DMV will tell you to use the street address of a local homeless shelter.
This probably won't get you past the requirement of utility bills in your name at that address to get a "Real ID" that allows domestic flights without a passport, though.
Same thing for getting a PO box, you need a physical address first. The post office will tell you the same thing, to use the address of a homeless shelter.
The folks writing these laws do not live in vans, and do not care, nor even think about the impact of their actions on folks with alternative living arrangements / folks poorer than they are.
11 replies →
The DMV typically needs a proof of residency because you're only allowed to have one state license - the one for the state of which you're a resident.
2 replies →
In many places in the US it's de-facto illegal to live in a van, in some places it's explicitly illegal. Even if the van is parked on private property it'd still be illegal to be your primary residence due to zoning. There are exceptions for RVs and boats because they have sleeping, cooking and toilet facilities (which are required to be built a certain way).
In many places your driver license is used as authoritative identification for many other things, and the assumption is that those things require this additional verification. I don't know, but I think registering to vote might be one of these things in some places (it's been a while since I registered).
5 replies →
If you live in a vehicle/RV it can be hard to prove residence. I've used UPS Store boxes but most places have caught on to that and don't allow it anymore. I've been told you can use a homeless shelter as the residence and a box as a mailing address but haven't tried it myself.
2 replies →
In the states I've lived in, licenses and ids required proof of residency. If you can't prove you live in the state, you're not getting one.
That’s brilliant. Like a wholesome version of “mail fraud” ;)
Clever. Also remember to remove the printer headers and footers.
Is this recent? Which state? I just got my RealID in California in December, and tri-fold-free printed PDFs worked fine for me.
Interesting
I really hate dealing with my printer (or any printer for that matter), so I make pretty liberal use of my drawing tablet at this point. I import the PDF into Krita, use the ballpoint pen brush, and sign. I export to PNG, then use an imagemagick script to rotate it some random number between 1-3 degrees, and add noise onto it to look like a scan.
It's a pain, but it's still less annoying than dealing with a printer.
I have a png of my signature, and I just paste it into the pdf, and submit that. Haven't run into a complaint yet, and I don't have to print anything.
Just a couple months ago I had a couple of forms rejected with a note “needs wet signature”
They were for a 401(k) plan I was updating RMD choices. I got the PDF form from their site, filled it out in Preview, pasted my signature PNG, and used an app on my phone to fax it(!) to their number.
Got rejected. Had to actually print the damn things and sign them with a pen, scan them again with my phone’s camera, and re-fax them.
Was mildly infuriating.
13 replies →
I should probably do that. I've always hesitated because the paranoid part of me thinks they'll catch on to it being digital if I have to sign in ten different places and they see that the signature is literally identical for each one. My Krita solution, while annoying, allows for me to have a slightly different signature for each one, for each form I sign, allowing it to pass all but the most judicious level of forensics.
Granted, no one is going CSI on anything I sign. I should probably just make like ten pngs of my signature and paste those in.
3 replies →
When we were buying a house back in 2009 (before electronic document signatures, which are the most amazing thing ever compared with the old way) we had to sign zillions of different pieces of paperwork going back and forth while making offers and so on. I was doing most of this during the day from the office, and all the paperwork had to be signed by both me and my wife.
So what I'd do was take the PDF, paste in my wife's signature, print it out, sign it myself, then fax it over. Never had any problems.
It depends on what you're signing. My letters of authorization to my bank require a "wet signature." Scanned or photographed and emailed is fine, but they want you to print and sign, and they've sent it back to me when they can tell I've used a digital stamp.
This product looks interesting, although the idea of me entering coordinates for the stamp instead of just stamping it in a GUI is not at all appealing...
I did my refi using that method till they realized i was using a digitized copy and sent over a person to collect wet signatures from me.
This, but with extra noise around the signature and with at least 4 unique copies, max number of times one has to sign full name a document (in my personal xp). Whomever is going to read it and check for digital, will probably check closer on the signed pages. Also make sure the signature isn't too perfect and not too regular on the ink :)
Ditto. I've been doing it 11 years at this point and it's never come back to bite me.
Ditto, had it only once that they complained the signature on separate documents was identical. Well, just wrote it down a couple more times in case I run into that again.
I do the same
There's also this website which I've used successfully with many bureaucracies.
https://www.scanyourpdf.com/
I've seen this one, I think it was on HN about a year ago, but a lot of the forms I've been signing in the last year have been stuff containing a fair amount of personal information (e.g. wife's immigration stuff, refinancing a house, banking annoyances, etc.). I can't really audit the code for an online service, and I find it unlikely that either Krita or ImageMagick are sending this information externally, considering both seem to work fine even without an internet connection.
EDIT: Clicking on it, I see the source code is available. If I can run it on my local box then this might be a little less nasty than mucking with the `convert` command.
1 reply →
I'm not too enthusiastic about uploading personal information and a signature to a random website.
Years ago I user a good blue Ball pen and signed in a blank paper. I scanned this in high resolution, cropped, fattened the lines, removed background and saved it as a transparent PNG. I added this PNG as a stamp to my favourite PDF software and have signed many many documents. The thing to remember is to flatten comments after I stamped my signature onto the document.
You can actually sign a PDF this way just using Preview on MacOS.
I've signed and returned almost everything requiring a signature for years this way, you can even have multiple signatures (helpful when you need spouse to sign something too...) in Preview to speed up dealing with these kind of tasks. I've never once been asked to sign it with a pen instead, even for relatively complex transactions like houses/cars.
Because Preview lets you draw the signature using the TrackPad and a finger, I've had no difficulty making a very convincing replica of my actual signature in Preview.
While the linked tool may "look" more convincing with fake photocopy marks etc, for just signatures its not been necessary to go beyond Preview for me ever. In the US so much business is conducted on paperfree platforms like DocuSign etc that I don't think many people even notice the fact the signature is digital anymore, given platforms like DocuSign do more or less the same thing.
I had passport photos rejected due to my eyes being too shaded or something. One eye seemed a little darker according to the error messages. I tried taking new photos, including ones from I paid for (done at a pharamacy) and still failed.
In Preview I copied one eye and put it over my troubled eye, reversed. It worked.
I’ve been though face detection systems in various countries (US, UK, France) and I seem to get through ok.
I knew that, and I do run macOS, but the signature always looks "digital" to me. It's not bad, but with Krita and it's pen or pencil brushes, in combination with a decent drawing tablet (well, as decent as a Huion screen tablet is) with a pressure-sensitive pen, I can get something that looks outright indistinguishable to a physical signature.
2 replies →
Also iOS
I use Figma quite a bit for this. Just make my signature a component and drop it in where I need it.
Used to use Photoshop where I just made my signature a custom brush.
Disclaimer: I work for Figma.
I have a shell script based on ImageMagick that gives a PDF a "scanner" look. I typically open the PDF in Master PDF Editor to insert an image of my signature, then pass it through my script. When I do need it, it's rare, but it becomes a real life saver. It has avoided me the need to print and scan 100+ pages for a mortgage company, some stock brokers and banks. Key points of the script:
"+noise Random -fill white -colorize 95%" to add some noise to the image
"-distort ScaleRotateTranslate '$x,$y $angle'" to randomly shift horizontally and vertically the document, and randomly rotate it slightly
"-density 150" for a low-ish resolution so it better hides the fact the PDF wasn't really scanned
"-colorspace Gray" to make it black & white
"-quality 60" to increase JPG compression and somewhat reduce picture quality
I have a script for the same purpose too, but I prefer a black-and-white 1-bit palette for that fax look. Here's my version -- note that it uses graphicsmagick, img2pdf, optipng, and pdftk. Also enforces A4 so some of you may want to change that. For fun it's doing the page processing in parallel to speed up a bit with large documents.
For a cleaner 1-bit look without noise and rotation, use "gm convert -density 300 "$file"[$page] +dither -colors 2 -type bilevel -fill white -fuzz 40% $png".
The 1-bit palette is a good touch. Making it use parallel(1) is a great and easy optimization. Nice!
Kind-of-related: I'm wondering if anyone can help me find a website I found a long time ago (probably through StumbleUpon, if that tells you anything about how long ago)
It was a "government document simulator." What you would do is upload a nicely scanned document, and it'd give you back a mis-alighed, crappy quality "scan" of that document, with random blotches and other visual noise. You know, like regular government/FOIA-received documents.
I feel like this is halfway there, if not more (so thank you!), but that website was so authentic.
I don't know if it's even around, but it made me giggle, and I'd like to find it again. If not--great startup idea!
Thanks for this!
"-flatten" results in all PDF pages being rendered into a 1 page PDF output. If "-flatten" is removed, I get a multi-page PDF output as expected. Thoughts?
EDIT: "-flatten" does what it is supposed to. Delete if operating on multipage PDF.
Weird. I could swear "-flatten" didn't behave like this years ago when I last used my script. But maybe I am misremember...
Edit: haha! The "-flatten" needs to be replaced with "-alpha flatten". This way, multi-page documents are still handled correctly, and alpha transparency is also handled correctly. I just tried on this sample file with transparent images: https://tcpdf.org/files/examples/example_042.pdf
2 replies →
Nice tool!
Though personally I just use something like Xournal++ to edit the PDF (add text, add a signature image, etc.) and then use the following command to "fake scan it":
convert -density 150 input.pdf -colorspace gray -blur 0x0.1 -sharpen 0x5.0 -level 10%,90% -rotate -0.5 -sharpen 0x1.2 output-scanned.pdf
I don't even bother with making it look like scanned. Just adding a png signature with Xournal and that's it. Mostly government requests it so they never cared enough to complain.
> For bureaucratic reasons, a colleague of mine had to print, sign, scan and send by email a high number of pages. To save trees, ink, time, and to stick it to the bureaucrats, I wrote this script.
I hear you, fellow Frenchman !
Don't know about different Jurisdictions, but from where I am - this has NO legal binding whatsoever. We have those gov issued digital, invisible signatures for that, embedded in our personal ID card. Whatever is properly signed with digital signature, the printed out page bears no legal force.
Anyway, businesses still like to do it this way ("Signing" pdf by applying some pixels). I wonder if it is just an inconvenience to overcome both for businesses and consumers that just write this off and don't bother that it is such a weak binding. It is like some dirty workaround/hack to put those silly signatures on digital documents to get stuff done.
In the US, the Uniform Electronic Transactions Act, passed by most states, clarifies that basically any sound or symbol or process is a valid electronic signature. This is in line with general contract law, under which any manifestation, written or verbal or even non-verbal, that would reasonably be understood as assent, is sufficient to form a contract. Of course, if you want a court to enforce that contract, you're going to have to prove that the other party did provide assent.
I don't know where you are at, but I know for a fact that a scan of a signed document is binding in the EU. As far as I understand it doesn't even have to be a scanned document, you can sing a digital document by adding an image of your signature or just using your finger and a touchscreen.
In the US from what I read[1] the situation is pretty much the same a scan of a signed document is binding as well as non cryptographic electronic signatures.
[1] https://resources.infosecinstitute.com/topic/legality-electr...
Even a spoken agreement is a legal binding. But it's always best to get it on paper, and if it's important, also use at least two witnesses.
1 reply →
Huh, I'm from EU. But what I remember from lectures on digital documents, they said something different. Will have to look up this stuff.
3 replies →
I don't know where you live but in the EU eIDAS regulation sees a scanned document as a Simple Electronic Signature (SES). This is the most basic possible form of signing which is accepted.
So within the EU a scanned document is valid though the law does say the method used needs to be proportional to whats at stake.
[1] https://en.wikipedia.org/wiki/EIDAS
I've noticed that the court documents issued by civil courts in Turkey have electronic signatures with signed hashes for each of the signatories (judge, clerk and all else) in every document. To make people not freak out, they seem to have also added a PNG image of a slightly smeared generic wet-ink looking signature above the hash so it looks real on first sight. But if you look closely the signatures are all the same, and the signature says e-imza (e-signature) in cursive. Heh.
Another cool thing, the whole document itself does have a hash where you can go to the website of the ministry of justice and input the hash to verify the document. It was unexpectedly neat.
Comments in this sub-thread need to distinguish between two dimensions to a signature: is it capable of legally binding the signatory? In most cases, any format will do. Is it going to be easy to enforce (I.e., to prove it was you that signed, and not your dog headbutting your mouse?) That's a damn sight harder, and many forms of (legally valid!) E-signature might not be accepted for that reason. Depends how much assurance is needed in the circumstances.
I'm in the US and as far as I know, a digital signature is completely valid. [edit: ~it's the same way here.~ Misinterpreted parent comment.]
Yet Ford repeatedly insisted I print out the documents, sign them, and scan them. I tried a digital signature anyway - and they called me out on it.
"I tried a digital signature anyway"
Do you mean:
A) a cryptographic signature?
B) an image of your handwritten signature?
C) something else?
I think you and GP might be talking about different things.
2 replies →
When companies ask for signatures to be done in a certain way, it’s often not because those things are a requirement to be a valid contract under the law, but because they want more evidence to support them should the contract be brought into question in court.
You could theoretically, in some cases, run a business on nothing but verbal contracts, but you would be foolish to do so because you’d have difficulty proving anything if it were disputed.
This is wrong, in the US an electronic signature can be just about anything. See my comment here https://news.ycombinator.com/item?id=30025456
1 reply →
Yup, there was a literal act of congress that made e-signatures legally valid but it's not worth arguing with anyone who asks for an "ink" signature ime.
Same here. Real signatures on paper as well as cryptographic signatures are legally binding. Pasting a picture onto a PDF isn't but nobody wants to deal with the bureaucracy so they do it anyway. Getting a cryptographic token you can use to legally sign things is such a bureaucratic nightmare too, nobody wants to do it, including myself and I really like this stuff.
How does it work if you defraud someone using such a a PDF contract with a pasted signature?
You just get away with it because the contract wasn’t binding so there was no fraud, right?
I bet those “non-binding” contracts are actually much more binding than you might think.
Fax and autopen signatures are also valid. Make it look like a fax and you're golden.
This sounds really unlikely. Does your country also not honor any sort of verbal contracts?
Would a business agreement concluded over email not be binding? Can you get away with fraud by just tricking people into agreeing to use docusign?
If (not cryptographically) esigned contracts are not binding in your country, how does that not cripple law enforcements ability to combat fraud involving such contracts?
If I sell you a car and we use a contract like this, do I then get to keep both the car and the money? If not, how is that contract not binding?
Same over here! Only difference is that with our IDs/certs you usually have a visible cert block on the PDFs. You can get it to be invisible somehow, but that's a bit of a hassle.
But yes, anything that's not a proper digital signature might as well just be a random png pasted into a pdf. No legal binding power whatsoever.
For the software they provide us to sign documents, there is a checkbox when I sign PDF files - whether I want some overlay that indicated that it is digitally signed or not. Thats probably the user friendly part of digital signatures :)
Having moved from Germany to Austria I was pleasantly surprised that they have a functional national ID system that you can use to sign PDFs with a qualified electronic signature. Within Austria, they have been accepted everywhere so far.
https://www.handy-signatur.at/hs2/#!sign/single
When I tried sending such a document to a German insurance company, they refused to accept it. I ended up faxing the document :/
Usually sending them the following helps them be less stubborn:
> Gemäß Artikel 25 eIDAS-Verordnung hat eine qualifizierte elektronische Signatur die gleiche Rechtswirkung wie eine handschriftliche Unterschriftund wird in allen Mitgliedstaaten anerkannt.
Doesn't work always, but the times it doesn't I usually find a competitor that does prove to be more cooperative pretty easily!
At least in the federal state of Hesse a fax isn't considered safe: (German) https://www.heise.de/news/Datenschutzbeauftragter-Gaengiges-...
... anymore. It was seen as safe until the last old ISDN / analogue landlines were converted to VoIP ones, which was really not that long ago :D
For a project that you can use to actually sign (electronically of course) a PDF file or verify that a PDF file has a proper signature take a look a this:
https://github.com/spapas/pdf-sign-check
It uses org.bouncycastle and apache pdfbox and is completely open source. I'd be happy to help anybody that wants to use it in his organization!
We use it sucessfully in my organization (public sector in Greece) for some years; notice that to be able to sign you need to have a proper certificate for your organization.
Nice, but from my experience people don't know digitally signed PDF. They want paper with wet signatures or looking like wet signatures. On the other end of the scale I have seen pdfs signed with self created certificates or signed by mouse movement.
Yes, and in some contexts people seem to recognize digitally signed PDFs only when they “officially” processed by DocuSign, HelloSign, or a similar professional service.
3 replies →
Oh my goodness, I have dealt with a pedantic bureaucrat who rejected my signed PDF and insisted on the hand signature hahaha. So I printed the document out with my digital signature pasted twice, one below the other, and added a couple sharpie smudges to the bottom one before scanning to quietly “insist back” that there’s no difference between my manual and digital one. Regardless, The automaton was satisfied!
Preview on Mac OS can do this. You hold your signature up to the camera and then it creates an image you can add to any pdf.
Preview has to be one of the most under-appreciated apps on MacOS. It implements so much handy everyday functionality that requires third-party software on Windows. Or did, last time I used Windows (admittedly some time ago).
Yes, really. I use it all the time.
On feature that I use a lot in Preview is to combine pdf's. If you e.g. have a pdf invoice and want to combine that with the corresponding pdf receipt from the bank, I just open the two pdf files side by side in thumbnail view and just drag the pages (thumbnails) I want from one document to the other where I want to place them; rearranging the pages (thumbnails) later if I need to in the same thumbnail view. I am a huge fan of Preview! :-)
1 reply →
I love the integration with iOS as well. I was pleasantly surprised to find an option in Preview to use my iPad and the Apple Pencil for my signature. It even popped up some otherwise hidden UI on the iPad to do so.
Preview is the reason my personal, non-gaming computing is still on MacOS and not purely iOS. I'm not even joking.
Preview has an odd selection of functions, though. On one hand it allows you to do plenty of these functions that you mention, but otoh misses on very trivial stuff like "I'd like to make my image a bit larger so I could paste another one next to it".
4 replies →
On Windows, everything requires a third party app. It's insane.
I wanted to convert XML to JSON. Well: Tough luck. Go download some app by some person from the store. We are sure it's completely safe!
Want to convert a video to a gif? Get another bloatware program.
There is so much command line stuff Linux users take for granted that Windows people struggle with every day.
on windows i find myself bouncing around a lot between pdf viewers, choosing between lightweight but feature sparse options (sumatra) and heavier, more featured programs (acrobat, foxit)
i've never thought about replacing preview.
I always use Preview to "sign" documents due to a lack of a scanner, but I've found in some cases, companies refuse to accept the document because they think it's not actually printed, signed with a pen, and then scanned...
Tools like this will skew and degrade the image in a similar way to a scanner so that it fits this ridiculous requirement
Have you tried signing a piece of paper with a pen and using Preview’s signature scan feature? It creates a very realistic looking signature in my opinion.
1 reply →
Same. You don't need a camera, you can doodle a signature with a mouse and it's fine. I bought a house this way with no trouble.
It's funny to me to look at a company like DocuSign whose shares surged early on the in the pandemic because they expected a dramatic increase in need for digital signatures and then the price crashed when it turns out that signatures aren't actually useful and we can just live without them.
It is so handy, indeed! I really wish Apple spent some time to make users aware of things like this, which are baked into standard macOS software.
This issue this app attempts to solve is companies that insist on a scanned "wet" signature, and will send it back if it looks like you just pasted in your signature stamp.
I think the author of this tool is totally missing the point of the print/sign/scan legal hoop that one sometimes has to jump through. The law sometimes requires certain documents to be "in writing" and there is, unfortunately, a legal tradition tied to this that "in writing" means "physically on paper", which many lawmakers and bureaucrats unfortunately haven't managed to properly transition into the digital age.
However something that is quite a separate matter is the question of whether one needs to actually be in possession of that piece of paper. A scan of an original serves as proof that the original exists. ...and this is usually all that anyone requires for practical intents and purposes.
But: You're not supposed to do print/sign/scan, and then just throw away the original. You're kind of supposed to keep it in case you're ever asked by a court to produce it. The document partially loses its forensic value if no original can be produced.
If that's the point, why does nobody ever say to keep the original?
If the counterparty needs it, why don't they request you sign two copies and send them one? The idea that they would later want it for forensic evidence that you really did sign it seems odd: if it's in their benefit and you wanted it to not exist, and you're the one possessing that original copy... you can make it not exist.
I guess, when such administrative procedures are decided, then the kinds of considerations that go into it have to do with whether the document is more to your advantage or more to theirs. In a high stakes situation where the document is to their advantage (like you sign an employment agreement), they routinely will insist on having a signed original rather than just a copy or scan. In situations where the costs of dealing with paper originals outweigh the potential benefits, they might well not insist on having paper originals.
But, to come at it from the other side: If you want to make sure you can actually rely on the document in court, it's probably a good idea to keep originals and definitely a bad idea to use this FalsiScan tool.
The lowly-paid administrator who deals with you might not be able to detect the FalsiScan that you submit. But if something goes to court and it benefits them to undermine the forensic value of the document, then you might well find yourself faced with a digital forensics expert proving to the court that the document came from this FalsiScan tool. This opens the possibility that, for example, a third party with access to your computer that contains all the digital assets to create FalsiScans (like a scan of your signature) could have created the PDF.
It's not obvious that you would want to respond to that by saying "but I definitely definitely did use FalsiScan myself, meaning the PDF to represent my signature on the document".
If the other party can make it look like you purposefully sent something that would make it past their administrative procedures but would have questionable forensic value so that you could later have it thrown out in court, then you can no longer rely on the document yourself and could even be liable to damages that resulted from their relying on it.
If they can clear a slightly higher burden of proof in the general direction of fraud, they could even come after you criminally: Fraudulent creation of digital assets of forensic value (like scans of paper documents) is a criminal offence. -- At least in Germany; I don't know U.S. law that well.
That also applies to your original suggestion about making a document not exist whenever it serves your purpose for the document to not exist. ...that too is kind of a criminally relevant thing that you probably don't want to do.
I hate PDF's with a passion. Not once have I ever wanted to use one. All the pinching and zooming, such a waste of time. I'm giving this a shot next time I need one, the whole scanner thing needs to go. Are we stuck in the 90's?
Just bought another rental and it was an ordeal trying to find a scanner. Tried the college near me, was denied as you have to be a student. The library is closed down apparently. FedEx didn't have one. The one at the Office Depot was broken. I ended up driving 30 miles to a friends house to use theirs, which required driver upgrades since nobody had used it in a year. I don't understand the point of jumping through all these hoops.
I feel the same with credit card signatures, completely useless and has never once helped me with identity theft or fraudulent transactions. Now I just draw a horizontal line or smiley face.
If you have a basic handle on a GUI Bitmap editor such as Photoshop or GIMP, and you have a hi-resolution phone, you can just take a photo of the sheet as parallel as you can manage and then create a document that is the same dimensions and then use the warp tool to fit the likely skewed photograph to the exact digital document.
There's lots of apps that do it for you too. Scannable is one.
1 reply →
> All the pinching and zooming, such a waste of time.
Sounds like what you really hate are mobile device displays.
When is the last time you had to pinch and zoom on a website? Text can reflow perfectly well, if you give the renderer the necessary information. With PDF, similar to PNG, you're specifically telling the renderer to put this pixel exactly over there and nowhere else, so it cannot nicely make it all be readable comfortably.
If mobile devices required zooming and panning to read anything, they'd not be popular at all, so they're apparently not where the problem lies.
3 replies →
Do you hate PDF's or do you hate scanned documents? How else should we send text or image documents in a portable format, MS Word? Google Docs?
(m)HTML (aka .eml). And it even supports multimedia !
Just take a photo next time, you can use Office Lens or Apple Notes.
Also Files on iOS has a document scanner hidden in the … menu.
Smart phone scanning apps are incredible. I’ve ditched a flatbed years ago and solely rely on my iPhone. It works like magic. The quality is good-to-great, and it fits well with my workflow. Worth the ten bucks or so investment.
Don't even need to spend $10 — the scanning is built into iOS, you can get to it from the Files or the Notes app, or even from your Mac (right-click somewhere and "Import from iPhone or iPad").
>Are we stuck in the 90's?
Since we accept signatures as proof of identity, we are really stuck in 3,000 B.C. [0]
[0] https://blog.thegrizzlylabs.com/2020/11/history-of-signature...
I was told by a convenience store clerk that it's best to simply write "SEE ID" in place of a credit card signature. In the event the card is stolen, or there is some doubt as to its user, perhaps the criminal would be stupid enough to actually show their ID.
Dropbox's mobile app includes a document scanning feature that seems to work well.
I recently learned that a cryptographic signing operation on a PDF is more or less bogus due to the complexity of the format. Every once in a while some researchers take a look and find a bunch of new ways to forge such things. I guess the root problem is that you end up signing a whole whack of stuff that you don't see or understand. That isn't ever going to work. I think that in practice you can only sign plain text if you want it to be secure.
So this really isn't any worse than the alternatives, at least for PDFs...
Signature_example.pdf in that repository is NSFW.
If that signature is NSFW, you might want to consider W'ing for another company instead.
Unless you've Gavin Belson.
See also: The license :D
It seems fine. It's just someone's initials => OlO
As is the readme.
Honest question: As long as you say you signed it, and you say it's your signature, does it matter how real it looks?
IANAL, but this depends on the jurisdiction. In some places (e.g. Ontario, Canada), e-signatures are fine; often this is because the law explicitly says they have the same effect as a "wet" signature. In this case, "looking real" doesn't enter into it.
In others (e.g. Denmark), you don't even need to sign - merely stating your intent to accept a contract, and having a clear record of that intention, is enough. In this case, again, "looking real" is a non-issue; you can even send an email in some cases.
In yet others, you will definitely be asked for a "wet" signature, and a digital signature is not considered legally acceptable. Here looking real could matter; if your signature is obviously non-physical, it may be refused.
This also varies by situation. In some places, banks want to see a wet signature, _and_ will compare it with an existing wet signature they have on file. In this case, it very much matters how real it looks, where "real" means "matches this other real signature". (Does this make sense? Arguably no, but that's the way it currently is.)
Singapore has this halfway thing which means some documents can be e-signed (purchase orders) but more “serious” documents like lease agreements need a wet signature.
I had to look it up when doing deals with someone in Japan, and Wikipedia (iirc) told me that specifically in Japan just scribbling over the pdf via the touchpad is not a legal thing—you have to do the paper dance. Judging from the comments here, France also doesn't encourage all-digital laziness.
And that raises the question for those of us that had to sign a bunch of documents when things were locked down: What purpose does the signature serve? It was a constant hassle that wasted a bunch of my time, and it ultimately was not a signature.
You are right, that it shouldn't make a difference technically.
I think the goal is to minimize the risk of someone rejecting your document because it looks photoshopped.
My go to these days is just open gimp -> use my tablet pen -> save again to PDF. I've never been questioned.
Yup, I just "sign" in Acrobat Reader using a signature image I scanned a long time ago, which should be pretty obvious to most people what I've done. But nobody ever complains.
Or use foxit reader to draw or put image as a signature on PDF: https://help.foxit.com/manuals/pdf-reader/foxit-reader-for-m...
I'm no way affiliated to foxit but that functionality there works. And saves trees.
If you have a Microsoft Surface you can just open PDFs with Edge, draw on them with the pen, and save them. It's such a nice feature!
Makes me actually like signing things. And it's also wonderful for sending feedback on stuff.
I use gimp for this. One layer the imported pdf, the next with my scanned signature from ... 1998? Position, scale to 1024 or so, export grayscale jpg with enough compression to create artifacts, done. The poorer quality the better, tends to make it seem more "legitimate."
I think I have witnessed the apogee of bureaucratic obsessions with printing and signing. I sent an email to what is similar to the IRS in my country and they answered by typing up the answer, printing it, signing and stamping it, scanning it and attaching it to the reply in my email.
What's the thing with the Penises in the readme and example pdf? Is this a joke?
Because the author is a child, and so am I, so I approve.
Ah yes, all of it is a joke, the example text is too. Which is fitting for the problem it is intended to solve.
That was substantially more penii than I was expecting to see today. On the other hand this whole project is a pretty funny troll tool, so fair play!
I still miss a coffee stain.
it could use a --coffee-stain
As someone living in Berlin, having to deal with German bureaucracy I can't thank you enough. Now it just needs a "send as Fax" button...:-)
I send "fax" via https://epost.de which is incredibly useful public authorities. You upload a PDF and they print it and send it as snailmail. Since they verify your identity, it has the legal status of a fax (is my understanding).
A similar absurdity is that most legal documents filed with the courts in the USA now use "conformed signatures" which means you just type your name and put /s/ next to it. That means you pretend you have a "wet signed" document somewhere to back it up, but in reality no lawyer is doing this.
https://www.cogencyglobal.com/blog/getting-document-signatur...
You can even sign your life away like this, especially as most notarization has now been replaced by systems like Verification by Certification.
https://www.ilga.gov/legislation/ilcs/documents/073500050k1-...
https://en.wikipedia.org/wiki/Sworn_declaration
Great, been using this https://www.scanyourpdf.com/ for very similar results (source: https://github.com/baicunko/scanyourpdf )
I know its open source, but do we really want to upload a (maybe sensitive) pdf to an unknown server? Because people will, when its in the form of a website.
This is really going to come in handy during the next real estate downturn (https://www.nolo.com/legal-encyclopedia/false-affidavits-for...)
Previous discussion: https://news.ycombinator.com/item?id=22811653
First comment posts a way to achieve something similar with imagemagick, which I've been using flawlessly since.
I built the same thing for the same reasons as a client side web app http://patmood.github.io/scanned_look/
Previous discussion: https://news.ycombinator.com/item?id=22811653 (April 2020, 770 points, 187 comments)
I just use convert from imagemagick.
There are so may options, e.g.:
That's basically what this is doing to fake the scan: https://gitlab.com/edouardklein/falsisign/-/blob/master/fals...
> convert -density "${DENSITY}" "${PAGE_IN}" -linear-stretch 3.5%x10% -blur 0x0.5 -attenuate 0.25 -rotate "${ROTATION}" +noise Gaussian "${TMPDIR}/${PAGE_BN}-scanned.pdf"
I had to do this! It was a 3-4 page document and I thought printing and scanning was stupid, but did it anyway. Naturally I only printed and scanned the last page with the signature on it. They rejected it saying I had to print and scan the entire document!
I would be very tempted to use something like this next time, however I have a feeling that the same people who think this is sane would accuse you of fraud if they ever found out. Not sure if it's worth it.
I've done this sort of thing often (and more quick&dirty) and nobody had an issue with it yet. Just put a good quality signature on the doc and then export the whole thing as fairly low quality. Making the signature blue and the rest of the document black and white probably also helps. But I never even needed that much.
I vaguely recall hearing a while ago that it may be counted as a forgery if you copy and paste your own signature that way. These days it even happens that you can simply type your name as a signature, but it's quite hard to be sure what's okay and what's potentially a crime with these bureaucracies. But for a tool like that, it might be useful to write down in which jurisdictions it's certainly okay (or not) to use.
IANAL. Wikipedia, "Forgery is a white-collar crime that generally refers to the false making or material alteration of a legal instrument with the specific intent to defraud anyone (other than themself)."
Note defraud.
My go to tools:
Create an array of signatures on paper.
Use photoshop to make it transparent.
Take transparent images of signatures and make pdf stamps out of them.
Use pdf stamp to sign docs.
Print pdf with stamp markups as image to pdf printer.
Another comment: I completely love PDF exchange editor. Used their free version for years and finally paid for it which I should have done a long time ago.
Don't most PDF reader software (Adobe or otherwise) have the functionality to let you imprint a signature onto a PDF file and save it as a new file? You'd have to set up your signature (likely by scanning it) the first time, but once it's done, you can "sign" PDF documents with by clicking a couple buttons. I've done that for a ton of documents by now and have never heard a complaint.
Yeah but they don't accept that. They literally make you print out, sign in ink then scan back in and reject it if they detect you haven't done that properly.
Bonus points if you wrap the script in an Automator task in macOS so you can you run it in literally 2 clicks from Finder: https://bradt.ca/blog/how-to-make-a-pdf-look-scanned-imagema...
It is even easier now with Shortcuts in the latest macOS releases.
This could go a lot further. I once did something similar with a rubberstamp image taken from the web, replaced some of the on-a-curve text in the GIMP, applied various filters to make the seal look like it was stamped on unevenly, and composited it over the page. Did the trick.
Would be neat to have this take a rubberstamp image and do all that work too.
When I moved to Australia I needed to get some documents (uni degree, work experience etc) verified by the Australian Computer Society. They required me to get a notarized copy of the original and SCAN the notarized copy, to be uploaded electronically. To this date I've yet to come across anything more stupid than this....
Heh I had to make a version of this for myself. I had a vendor that required a "wet signature" for a document, so I took the PDF, added my digital signature, exported it to JPEG, and then used a command line tool to rotate the image 1% left and then 3% right so it looked like I scanned it a little crooked.
Worked like a charm.
Does anyone know of a good PDF-editor (with ability to alter OCR'd text) for Linux? Editing pdfs (I know, I know, pdfs are not meant to be edited) on Linux is huge PITA, and LibreOffice Draw/Write do not cut it for me, so I have to resort to Adobe Acrobat from dualbooted Windows.
Xournal is a great WYSIWYG Linux program that can edit PDFs for this sort of thing and similar use-cases.
Please don't use the WTFPL (the "whatever the fuck you want to do") license. It's not well thought out legally, especially in Europe.
https://en.m.wikipedia.org/wiki/WTFPL
> It's not well thought out legally, especially in Europe.
Does it matter, given its intent?
I used to use tools like these but then I wondered - why do I "need" to make an image look scanned? Why do I have to add all this noise to the image before sending it over? Why can't I just take a photo of whatever I need to send and leave it at that?
If you have a PDF editor that can save a PDF/A (archive PDF), it'll convert the whole document into an image. So, I just paste in my signature and export as a PDF/A and from their perspective it's just a single image like it was scanned.
PDF/A does not turn everything into an image. It is just a more restricted version of the PDF format, and it still has text, embedded fonts, etc.
The image conversion might be a separate feature in your PDF editor.
This is overkill. Instead:
1. Photograph your signature
2. Add to a pdf in Acrobat Reader using "Fill & Sign" function or paste into a docx file.
3. Use https://makescanned.com to give the pdf or docx a scanned effect.
Would be nice if one could add some stego-like features to the inserted signature img so that if lifted it would be detectable in a new pdf. Obviously the savy forger could circumvent it pretty easily but the lazy screenshooting crook would not notice.
I made a font of my 3/4 variations of signature, some initials, and personal logos, total about 10 characters, all mapped to A,B,C etc..
When I need to sign something & print, I use that font in pdf; or use Rand & Char formula is excel.
The command line methods outlined in the comments here: https://news.ycombinator.com/item?id=23157408 work quite well.
I did similar things when signing stuff. I used Adobe Sign (the Android app) to add my signature to the PDF and email it back.
Question: Is the signature done by FalsiScan and Adobe Sign equivalent legally?
I used my remarkable tablet to sign something once and it got rejected for looking too good. Had to print, sign, and scan with phone app to pass the must look crappy approval process.
Nice to see so many similar minds around. Of course I also have my procedure. Mostly gimp. My signature image has transparent background, so it can be put upon the signature line.
Web tool that does pretty much the same thing: https://www.scanyourpdf.com/
Favourite part has to be where you can have a list of signatures to randomly choose from. I assume it was done so that not all signs look same and robotic ?
Great thread about PDF scanning/combining tricks.
I don't get this, do people actually care if it looks scanned vs someone actually added a sig to it from acrobat/preview?
The biggest question I have is:
Why -z and -t for the x and y coordinates of the initials?
(More seriously: nice work. I'll probably use this myself someday.)
I don't know which I hate more, printers or PDFs. I wish everything could be done on DocuSign or similar platforms.
If you have MacOS, open the PDF with "Preview" and you can add your scanned signature using
You can have multiple signatures ready to use (see Annotate->Manage Signatures), e.g. multiple variations of yours, so they don't look all the same when signing a doc multiple times.
When including a signature you can position and resize it, e.g. to adjust for layout, font size, etc.
Very nice, I do this a couple times a year by hand. I'll have to keep this in mind for next.
I just use Micrsoft Edge to view a PDF and the pen tool to draw a signature.
Am I missing something?
I love the highly calibrated signature_guide.pdf you have to sign :D
That this even needs to be done is just absurd in 2022. Wow.
Great work though.
this is really great!
I love that penis ahhahha
I hate bureaucrats, and now that they lost some power due to web forms/applications they are tempted with some stupid requests, like this one :)
By signed, it doesn't mean digitally signed, right?
Correct. "wet print" signature.
Whenever I had to do this, I inserted my signature, that have saved as image file, with LibreOffice Draw and then used an ImageMagick one-liner to make it look scanned. A script automating this is welcome.
What's the use case of this?
Signing documents with visual signatures instead of cryptographic ones is already extremely archaic, but having to make them look like being signed by hand is absurdly so.
I have, in the past but not recently, run into situations where I need to visually sign something, and the form was rejected when I digitally signed it with MacOS Preview because they required the form be printed, signed, and re-scanned.
This would be helpful in that case.
You’re implying that a bureaucratic process being absurd and extremely archaic means it doesn’t exist?
The primary use case is addressing situations where wet ink signatures are required by a party to a transaction without having to print, sign, and scan a document.
Yes, it is an odd combination of legacy (sometimes regulatory) requirements and modern technology, but there are numerous situations where only wet ink signatures are accepted, and “digital signatures” are not accepted—even though the document is stored in a digital format.
Wet ink signatures are most commonly required in finance / investment / banking transactions. They are sometimes required for B2B transactions. While not as common in the US as in other countries, you can also run into requirements where documents must be signed via wet ink signature under seal (or stamp). Scanning a document with a signature line that has been embossed with a company seal looks somewhat comical and arguably legible (especially if the scan is done with a feed-through scanner) but is required to get business done sometimes.
But it's not a "wet ink signature," it's a PDF. The "wet ink signature" is on a piece of paper that never gets delivered.
It says right there in the description
> For bureaucratic reasons, a colleague of mine had to print, sign, scan and send by email a high number of pages. To save trees, ink, time, and to stick it to the bureaucrats, I wrote this script
Fun?
Heh. Probably unnecessary to make it look like it was put in the scanner misaligned. Just scan the signature itself and past that image onto the image of the document.
Meh. That really doesn’t always look very legit. Especially if you can “select” all the text, and when you select the signature you see a nice box around it. It’s then too obvious it was added as an image.
I don’t disagree that the whole “signing and scanning” is dumb, though.
You can rasterize the pdf, wouldn’t that solve it?
But you could also increase the size of the pdf and clog the bureaucracy's systems.
Very useful tool, thanks for sharing!
Oh goody! I've been looking for new ways to commit mail fraud!
Konrad Kajau forged Hitlers Diaries and nearly got away with it. He had a memorable line, it was something like “Fake? Real? There are efficient documents and inefficient document.” https://en.m.wikipedia.org/wiki/Konrad_Kujau https://en.m.wikipedia.org/wiki/Hitler_Diaries
Wow! How cold.
the author appears to be a fan of rocket ships
Am i the only one who finds the current state of signing documents to be a bit incomplete, inconsistent and all over the place?
For historical reasons, we still need to allow signing things by hand, which has a number of challenges in proving the authenticity of any such signature and preventing falsification of signatures (especially if you don't have the original document with the ink but rather a scanned copy).
Then, there are digital signatures, though instead of one large standard for all of the world, we have a whole bunch of regional ones. For example, in Latvia we have eParaksts (translates to "eSignature"): https://www.eparaksts.lv/en/
It is a largely commercial venture, which allows signing documents with either data in the chip that's embedded in our national ID, or i guess mobile solutions as well and also gives you the ability to verify these arbitrary documents in a centralized manner as well. The good thing here is that it supports signing arbitrary documents and storing them in an .edoc container or even embedding the signature inside of PDFs or whatever, but it still feels very regional, is still centralized and most of the software for reading PDFs directly doesn't recognize their CA or intermediate certs as trusted and therefore gives you errors, so you need to do verification on their site.
But what happens when you need to somehow indicate within a document that you're signing it digitally? You just put the text: "THIS DOCUMENT IS SIGNED WITH AN ELECTRONIC SIGNATURE AND A TIMESTAMP" in text at the bottom, which seems silly and doesn't really mean anything - how are you supposed to examine that if you ever need to print it? Furthermore, this kind of locks you in to using the .edoc container and keeping it around and perhaps even think about how to quickly get and display its contents. Sure, they have desktop software for that, but it's not like you can automate that super easily (not saying that working with digitally signed PDFs is a walk in the park, either).
In some parts of the world, an electronic signature just means taking a JPEG (or an equivalent) of your signature and embedding it in a particular spot of your PDF or whatever, which is plain nonsense in my eyes - sure, it looks pretty, but there's no actual cryptographic protection or benefit to doing so, since it's laughably easy to reproduce by anyone who wants to fake your signature. It actually surprised me when digitally signing a PDF came up as a Linux challenge on Linus Tech Tips and Luke thought that this approach is what was intended (whereas Linus interpreted it more or less correctly but searched for the wrong thing, more or less): https://www.youtube.com/watch?v=TtsglXhbxno&t=257s
So, here's my questions to all of you, maybe you have some thoughts to share:
*add NSFW
Hey Gitlab, could you consider adding the following CSS so that README images don't break out of their containers? Having to horizontally scroll to see this image is brutal.
I think that goes here: https://gitlab.com/gitlab-org/gitlab/-/blob/55a4cc5a53903250...
You’d want to pair that with `height: auto`, or else it’ll damage the aspect ratio of images that specify width and height attributes (which you always should).
Yep, will add.
Image in question is missing those values. I personally think README images should be be lazyloaded (making those inlined aspect ratios important) but I guess that's down to the maintainer.
Hey there, GitLab Dev Evangelist here. Thank you for flagging this and for the suggestion.
A change based on your comment was merged earlier today (with a link to your comment in the description): https://gitlab.com/gitlab-org/gitlab/-/merge_requests/78933
With the way people write CSS today, is there an argument today to not just have it be part of a reset, e.g.:
That they are not already doing that made me believe it was intentional. Principle of least astonishment to start.
Anyway I agree, and have that present on all projects.
Just zoom out of course. Silly users!
Thanks! I asked our Dev Evangelists to look into this suggestion.
I bet this change will be live in the next few hours.
I bet someone with the right skills could just make a PR / MR for this fix.
Signature_example.pdf 8====> :)