Image for post
Image for post

I wanted to start my refreshed blog with a post on Deepfakes, but probably not highlighting the threat you expect. For the past couple of years, I’ve said the real threat from Deepfakes is different from the one discussed most of the time. There’s a lot of handwaving and hype focused on one specific threat, but this can create a distraction from some profound and lasting issues. Let’s look at a couple of other threats posed by DeepFakes and examine why these have a more lasting impact.

Narrative Evidence

When you think of the danger from Deepfakes, you are probably thinking about their ability to convince people something happened that didn’t. This threat is something I call narrative evidence because you are using the content in an attempt to show evidence in support of some larger story. It’s this issue that steals all of the oxygen on the topic. The threat’s stated impact is that it tears at the fabric of reality, and people will believe things because they see and hear it. Although this impact isn’t false, it doesn’t take into account certain actualities. …

Vulnerabilities in supply chains aren’t a new topic and have quite a bit of focus from both a hardware and software perspective. With this post, I’d like to highlight a new concern, backdoors in neural networks. As a consumer of a system that implements machine learning, you have no idea if there is a backdoor in the system, however, as a developer of a system implementing a model, you may have no idea the model you are using has been backdoored either. This developer's perspective is what we cover in this post.

Just like open-source software creates an ecosystem for building new pieces of software, pre-trained models do the same for machine learning. All the major cloud platforms as well as PyTorch and TensorFlow have their own model zoo, where people can take advantage of pre-trained models so developers aren’t starting from scratch. As a matter of fact, we’ll be doing a similar task with the code in this post. Model backdoors present a unique challenge because unlike a malicious piece of open-source software where you can inspect the code, neural network models don’t provide the visibility necessary to evaluate for such backdoor functionality. This lack of visibility makes any kind of audit prior to use unrealistic. …

Image for post
Image for post

At Black Hat USA this year, I will present Influence Management and Win Presentations. In this talk, I’ll cover things you can do to convince your management that presenting at a security conference is a good idea.


Throughout the years, I’ve heard quite a few stories from people with management that won’t let them speak at events. I also know people threatened with losing their job if they did. Often, the justification given is rather dated.

In a situation where a presenter has to pull an already accepted presentation, an unnecessary strain is put on conference organizers as well. …


Nathan Hamiel

International Public Speaker, Writer, and Black Hat Review Board Member. Head of Cybersecurity Research @ Kudelski Security.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store