Skip to content
Logo-main-white.860316a8

I/O Fund

  • Home
  • Free Stock Analysis
  • AI Stocks
  • BEST OF 2025
  • Analysts
  • Nvidia Hub
  • About
    • Case Studies
    • About Us
    • Premium Services
    • Pricing
    • Notable Wins
    • I/O Fund Reviews
    • Media
  • Contact Us

Month: June 2018

Oracle Hit From All Sides: Iaas Cloud and Programmatic

Posted on June 25, 2018June 30, 2026 by io-fund
Oracle Hit From All Sides: Iaas Cloud and Programmatic

Summary: Infrastructure as a service (IaaS) is the fastest growing cloud segment and will continue to be with AI, machine learning and connected cars. Gartner, an authority in tech analysis, placed Oracle in the “niche player quadrant” (not the leader quadrant) for Infrastructure as a Service (IaaS) May 22. In addition to IaaS, Oracle’s Data as a Service business model will weaken as marketers fail to get proper consent for ad targeting.

Cloud infrastructure is hot right now and for good reason. The world increasingly relies on cloud data centers due to server virtualization, smartphones, movies and entertainment, chatbots, office productivity, software as a service, and social media, to name a few.

Gartner predicts the worldwide public cloud services market will grow to 21.4 percent in 2018 to $186.4 billion. The fastest growing segment is infrastructure as a service (IaaS) forecast to grow 35.9 percent in 2018. As we store more data in the cloud from AI and machine learning, this sector will continue to expand. For instance, fully automated cars will produce an estimated 25 Gigabytes of data per hour or 300 TB per year. Therefore, any savvy investor should place bets in this sector for 2021 and beyond.

No Medal for 4th Place in Cloud Infrastructure

Oracle (ORCL) is a long-time enterprise cloud powerhouse with billions invested in engineering and strategic acquisitions. On the quest to build and defend a range of cloud services, the company is expanding hybrid-cloud technologies, investing in customer-success programs, and benefiting from a less-than-expected decline in on-premise revenue. On the other hand, the transition to the cloud is taking longer than expected, according to Keybanc analysts, and is at risk for lagging behind Amazon (AMZN), Microsoft (MSFT) and Google (GOOG) in the Infrastructure as a Service category, the fastest growing category in public cloud services.

Last quarter, Oracle beat earnings estimates but came in slightly below expectations for revenue at $9.77 billion vs. $9.78 billion. The adjusted earnings of 83 cents beat the consensus estimate of 72 cents and was up 20% for its fiscal third quarter, which ended February 28. The better than expected earnings were not enough to convince investors in Q3 as the stock fell 4 percent after earnings were reported, then fell an additional 8 percent in pre-market trading. The stock is at $46.16 today compared to $52.90 before Q3 earnings.

One major concern is Oracle’s low share of cloud infrastructure and platform revenue, which came in at $415 million with 28 percent growth compared to Amazon at $5.11 billion revenue at 45 percent growth. It doesn’t help that Gartner, an authority for accurate tech analysis, placed Oracle in the “niche player quadrant” in the Magic Quadrant (not the leader quadrant) for Infrastructure as a Service (IaaS). Notably, financial analysts from JP Morgan and Murphy lowered Oracle targets yesterday, however, Gartner published this magic quadrant on May 22nd and it is likely what these analysts based their predictions on.

Meanwhile, in another category, cloud software (SaaS) revenue was up 33% last quarter for Oracle at $1.15 billion with notable competitors SAP and SalesForce. The remaining revenue is primarily on-premise revenue of $6.42 billion, and software license revenue of $1.39 billion.

While Oracle has maintained a name for itself in cloud services, it’s offerings are not strong enough to earn a medal as a front runner, which will spell trouble for earnings as Data as a Service (DaaS) undergoes regulations.

DaaS: Programmatic Will Crash

Oracle pursues many strategies and acquisitions for cloud services because it knows it has to be seen as a cloud company in order for Wall Street to invest in its future. However, one of Oracle’s main market positions is Data as a Service (DaaS). From 2012 to 2014, Oracle went on a tear of acquisitions to increase their marketing stack and to cement their position in the digital advertising space. In May of 2012, Oracle bought social marketing solutions provider Virtue for an estimated $300 million, the marketing automation firm Eloqua for $810 million in December of 2012, Responsys for $1.5 billion which is a business to consumer solution and the data management platform, BlueKai, for $400 million in 2014. This totaled an estimated $3 billion in collective marketing tech acquisitions to enhance DaaS.

Programmatic is the automatic trading of advertising which is augmented by data for superior digital advertising. Oracle’s DaaS is essentially a way for companies to upload their data and potentially enrich their data by anonymously sharing and matching data sets. Oracle calls this “making your data smarter.”

Notably, BlueKai was a private company that captured the data boom with 9,245% growth from 2009-2012 – although competitors in the market saw a whopping 21,337% revenue growth (Data Xu). BlueKai was originally a buyer and seller of consumer data and pivoted to become a seller of data analytics and management technologies. These acquisitions were designed to help Oracle enable private data sharing. This is where the marketing ecosystem ingests first-party data and brokers marketing communications (MarCom) and advertisements in a second- party data transaction. While the data is not being sold, the information is being shared to third-parties without consent for the purpose of more advertisements.

My newsletter subscribers get this information first. Sign up here.My newsletter subscribers get this information first. Sign up here.here.

As the Oracle BlueKai deck states, here are some examples:

  • Hotel chain sharing data with a bank to target customers who do not have bank rewards cards
  • Online broker sharing data with a social media site for audience based targeting
  • Social media site sharing data with a technology company

While Oracle Blue Kai may not come directly under regulation because they are the middleman, and not the company with a direct relationship to the user, their business model is likely to weaken due to the way the data is being used. Marketing platforms and data management platforms will increase a marketers liability if they choose to transfer and trade private, first-party data. For these marketers, under the GDPR, consent must be given for each processing operation need and cannot be bundled together. Therefore, there will be less advertising and Marcom data to process, lowering Oracle’s revenue.

My Prediction: Cloud infrastructure will continue to grow as data storage increasingly provides the infrastructure for technological advancement. Amazon, Microsoft and now Google have been upgraded while Oracle has been downgraded during a key growth stage for IaaS. In addition, Oracle acquired many companies in the DaaS space which will continue to wane as regulations increase on customers using Oracle for targeted data. Couple this with fierce competitors in the IaaS and SaaS space, and Oracle will see lower than expected earnings this year.

I consult for financial firms. Inquire here.

Posted in Cloud Infrastructure, Data Center, Financial MarketsLeave a Comment on Oracle Hit From All Sides: Iaas Cloud and Programmatic

Measuring Mobile Ad Performance: Why We Need to Borrow a Metric from TV

Posted on June 13, 2018June 30, 2026 by io-fund
Measuring Mobile Ad Performance: Why We Need to Borrow a Metric from TV

This article originally appeared in VentureBeat.VentureBeat.

By all accounts, mobile advertising is the wave of the future. Mobile ad spend is projected to increase 430 percent between 2013 to 2016, when it’s expected to surpass $100 billion worldwide, according to eMarketer. By 2019, overall ad spend will go on to surge to an estimated $200 billion. This is record-breaking growth, and it’s no wonder we are seeing this level of investment considering we’ve seen mobile usage recently exceed desktop.

It’s exciting to be in mobile today. You couldn’t ask for more users, more eyeballs.

Yet  there are still a few unanswered issues. Those spending big dollars on mobile, namely advertisers, publishers driving installs, and also brands and agencies, have a few key indicators they want to meet, including a reasonable level of accuracy, optimization, reach, and of course, performance. The mission is to deliver the correct content at the right moment closely matched to the intention of the person viewing the ad.

But whether this happens or not is an absolute mystery on mobile today. We may know someone installed an app, but they may never open that app again. We can measure clicks, but this has led to fraud and has also prevented brands from feeling confident that a “click” is the result they want from a campaign.

To loosen the bottleneck, we need to look at the yardstick we are using. We need to measure accuracy. We need to measure optimization. We need to measure reach. And we need to measure performance. The common denominator across all KPIs is how to measure both the audience and the campaign performance.

There are three predominant methods for measuring mobile ad performance today and each has its limits.

CPI: Cost per Install. This measurement is unique to mobile and was initiated for mobile publishers who doubled as advertisers. These publishers needed installs on their mobile apps, therefore, user acquisition dictated a new form of campaign measurement. It’s also the easiest (and first) way of measuring effectiveness in mobile video, although it limits the number of advertisers to only those who want to drive app installs.

CPI is also a higher risk to the publisher because they only get paid when the install occurs. As a result, the user experience is often quite bad because the user sees the ad over and over again, with the ad exchange favoring whatever means necessary to procure the install.

Weaknesses: Not every advertiser wants to drive an app install. Plus, users are gravely affected by the repetition of ads.

CPC: Cost per click came from desktop and originated in search, where the main function of the ad was to lead the user to a website or product page to initiate the conversion funnel and close the purchase. On desktop, CPC works best when tied to targeted keywords, relying on search terms to narrow relevancy and qualify who is clicking on the ad. Display ads on desktop naturally became display on mobile, although the screen size and user no longer matches the desktop actions that display was originally intended for.

Weaknesses: Clicks have never been a good measure of media outside of search. Mobile amplifies this problem with many erroneous clicks being attributed to media performance. We’ve seen a rise in fraud from bots, especially among Open real-time bidding markets and other programmatic exchanges. Plus, CPC does not address video, where the mobile market is headed, with 12.8 percent of impressions currently equaling 55 percent of revenue.

CPCV: Cost per completed view. This measurement is more favorable for video, especially when used with hybrid mediation algorithms, because it measures according to the effectiveness of the ad per completed view. Therefore, the correct content, the right moment, and the intention of the person viewing the ad has been achieved, in theory, because the video ad has been completed.

Weaknesses: Factors such as whether the ad is skippable or non-skippable and rewarded or non-rewarded play into why it was completed. CPCV is also not equipped (yet) for cross-device measurement. There have been variations on this form, such as CPMV (cost per 1,000 views), however, this does not take into account if the video ad was completed or not.

Given the shortcomings of these common measurement methods, it’s no wonder we are seeing a push towards new forms of measurement. Interestingly enough, the most recent form of measurement to emerge for mobile isn’t new at all. It comes from an environment where advertisers have been consistently measuring audiences for quite awhile now: television.

GRP: Gross Rating Point is calculated by the percent of the target market reached multiplied by exposure frequency. There are innate benefits to using the GRP measurement: First, having originated from television, the strength of the GRP is in measuring elusive eyeballs on video-produced ads – comparing mobile video to television, you can see why CPI is not conducive (there’s nothing to install). Second, advertisers are comfortable with this measurement system. It makes sense to invite the majority share of ad spend (which is television, at 42 percent, in the United States) to the mobile conversation by speaking in familiar language as to how ads are measured. Last – but definitely not least – the gross rating point is ideal for cross-device measurement because it takes into account exposure frequency. This last point may be the clincher for why the aforementioned three metrics will lose effectiveness over the next few years.

Weaknesses: Because the GRP is a navigational metric, it’s a measurement of how you approach your audience and how the budget is spent rather than providing an analysis of whether your ad was viewed and what action (if any) was taken.

The next chapter in measurement will be driven by people-based metrics and behaviors. Who is watching these ads is what advertisers need to know; completion rate – including CPCV – is not enough information to determine performance. Meanwhile, installs are singular in purpose, excluding most brands, and clicks are troublesome at best. GRP may or may not be the correct answer; however, it is a move in the right direction for mobile video ads. Today, most targeting and optimization is at the app level, not the people level, and this has resulted in inefficient media spend.

Posted in Digital Ads, Internet of Things, Tech StocksLeave a Comment on Measuring Mobile Ad Performance: Why We Need to Borrow a Metric from TV

Who is Responsible for the Data Security of 50 Billion IoT Connections?

Posted on June 13, 2018June 30, 2026 by io-fund
Who is Responsible for the Data Security of 50 Billion IoT Connections?

This article originally appeared on IAPP.org, the International Association of Privacy Professionals.

“No matter what happens, don’t panic,” were the words used by hackers just before they hacked a 2014 Jeep Cherokee. It wasn’t your typical hack, where credit card information is stolen, or a denial of service attack is propagated, or a website is taken down. This incident involved disabling the transmission and brakes of a vehicle driving 70 mph. In other words, this is the kind of hack that could take someone’s life.

Car hacks make juicy headlines, but dating back as far as 2007, we saw researchers demonstrate how a generator could be destroyed. In 2014, hackers broke into a German steel mill and prevented a blast furnace from being shut down. As recent as last year, Norse and the SANS Institute released a study revealing 375 U.S. health care organizations were actively compromised between September 2012 and October 2013.

As the Electronic Frontier Foundation recently pointed out, the old security paradigm “felt that human beings were the problem and tech is the solution.” What the internet of things pushes forward is a reversal on the old paradigm that humans are the solution to the problem that technology creates.

If we look closer at the human supply chain and data security for IoT, there are three key players: manufacturers, developers and end users.

Here’s how they can advance the future with foresight (rather than the proverbial hindsight):

1)   Manufacturers

We are finding that many manufacturers can engineer connected parts but do not have the security staff or experience to protect the features. Automotive and medical device companies release embedded systems with no one on staff to respond to a vulnerability report.

The product cycle typically looks like this: The manufacturers have a limited budget, as with all product releases, their primary goal is user adoption – not security. As the researchers and hackers find security flaws, user adoption is increasing, and the manufacturer has to release a patch or issue a recall. By this time, cybercriminals have an open opportunity to exploit the embedded system or flawed IoT gateway.

Original equipment manufacturers should focus on security from the product design stage, which will involve additional in-house security professionals or dedicated partners. With an average of 25 vulnerabilities per device, interconnectivity demands rigorous protection. One approach to improve the R&D cycle is to generate more revenue from the IoT device in order to invest early in more security checkpoints. One medical device company saw 10 to 20 times the revenue when opting to give a device away for free and charge monthly, moving from charging for IoT products to IoT services. This move helps incentivize the manufacturer to keep the device or embedded system on the market.

Also, to lump all manufacturers together would be a mistake. Many large software companies who have always handled security well will continue to do so – no matter the number of connections or level of proliferation. Apple tends to be a front runner on how they handle security, however, manufacturers can learn to lean more on legacy-level security companies to help test, iterate or secure, post-production, the connections and systems they release. “Leave it to the experts” is as true now as ever.

2)   Developers

Nearly 40 percent of large companies, including Fortune 500 companies, are not taking proper precautions to secure the apps they build for customers. On average, large organizations spend $34 million on mobile app development, of which only 5.5 percent is allocated to ensure that mobile apps are secure. Much more attention and focus is given to design even as we see the number of cyber attacks grow. And if those numbers seem shocking, consider that 50 percent of the organizations devote zero dollars to mobile security.

The mobile hackers we see today are able to break into highly valuable data through the insecure app or public WiFi networks. The mobile app hacks of tomorrow are those of embedded automotive IoT systems, flying drones (weighing up to 50 lbs), medical devices and other high-risk devices. Fundamentally, the IoT is about core components such as sensors for measuring temperature or wind speed and actuators to initiate driving a car or injecting insulin. As more and more gateways and apps connect to these core components, especially those in motion such as vehicles and drones, we will have a sudden and urgent need for developers to consider security testing imperative.

The IoT gateway is a device in the field responsible for gathering data from sensors and communicating with actuators. These are installed in homes, control systems and automobiles. One solution is to create a security framework that uses public key cryptography to authenticate communication between remote devices and gateways. This will prevent both data access and also unauthorized signals. Another fix for developers, according to Luca Dazi, who presented at the JavaOne Conference in October 2015, is to employ a framework that uses public-key cryptography to certify new software updates before installation. Lastly, another security step is to generate unique passwords for each device to provide different variants that are combined to generate the master password.

Beyond individual efforts, open source communities also cannot be underestimated. The idea of inviting your peers to help you find the vulnerabilities in your software or app build is quite powerful, and an open source community may be the right antidote for a porous ecosystem of this magnitude.

3)   End Users

What responsibility does the end user have, if any?

It would be difficult to rely on end-user education, rather than a push for open standards, protocols and industry organizations playing the role in IoT privacy and security. For instance, when you buy a phone charger, you don’t expect to have to do your own testing to make sure it is safe, you just look for a Underwriter’s Laboratory code on it. The way this would translate into IoT security would be to bake the open standards and protocols into the products as a matter of course, and standard bodies would then make sure the devices comply with security.

As always, end-user trust will be a key differentiator in the IoT marketplace.

Posted in Consumer Tech, CybersecurityLeave a Comment on Who is Responsible for the Data Security of 50 Billion IoT Connections?

Top 5 Security Risks for Connected Cars

Posted on June 13, 2018June 30, 2026 by io-fund
Top 5 Security Risks for Connected Cars

The global market for connected cars will grow by 270% by 2022 with 125 million passenger cars expected to ship worldwide between 2018 and 2022.1 By 2020, it’s estimated that UK, France and Germany will reach 100% connected car penetration. Growth in the European region is due to the eCall mandate which requires new cars to automatically dial the 112 emergency number in the event of a serious accident.2 While North America and Europe lead in the highest percentage of shipments, China accounts for 32% of shipments.

The list of connected features enjoyed by consumers that add more opportunities for security attacks include streaming radio, Wi-Fi access points and remote-control mobile phone applications. However, with these conveniences comes responsibility. The recent death of a woman in Arizona who was struck by an Uber in autonomous mode has put a spotlight on what can go wrong in connected vehicles as manufacturers seek to introduce more high-tech features to remain competitive to car buyers. Not surprisingly, 68% of Americans are fearful of cars with self-driving features.3

The increasing number of smart features built into cars opens door to a serious threat – hacker attacks. Because connected cars are linked with the Internet and its crucial parts are interconnected over a network, adversaries have the potential to remotely access and manipulate the data being exchanged leading to a number of problems, such as leaked personal information, overcoming vehicle’s security mechanisms, or even full remote control of the car.

Threats to the Connected Car

Innovative automakers, software developers, and tech companies are transforming the automotive industry. Drivers today enjoy enhanced entertainment, information options and connection with the outside world. As automobiles move towards more autonomous capabilities, the stakes will raise in regards to security. Even if cars are not entirely driverless, the functions will become increasingly dependent on applications, connectivity, and sensors. Vehicle-to-vehicle (V2V) and Vehicle-to-Infrastructure (V2I) allow the car to communicate with other cars and infrastructure such as traffic lights. Vehicle speed adjustments, telematics, and AI voice recognition and interfaces will become common features.

The rapid increase of these technologies inevitably creates the risk of hackers gaining access and control to the essential functions and features of those cars and utilizing information on drivers’ habits for commercial purposes without the drivers’ knowledge or consent.

Here are some of the risks for connected cars:

  • Stealing personally identifiable information(PII): Today, sensors generate 25 GB of data per hour and this is expected to double considering there will be 200 sensors installed in connected cars by 2020 up from 100 sensors in 2015. Once autonomous vehicles become mainstream, the 17,600 minutes Americans spend driving annually will equate to 300 TB of data per year.4 Financial information, personal trip information, location information and entertainment preferences are just some examples of PII that can potentially be stolen through a vehicle’s system.
  • Connection security: Like other connected devices, vendor implementation flaws are often exploited by researchers for proof-of-concept attacks. However, it is inevitable that these will be followed by real life attacks. The current poor state of security on connected cars creates a tempting target for cyber criminals.

 

  • Manipulating a vehicle’s operation: Catastrophic incidents resulting in personal injury and lawsuits may be in the near future. Well-known cybersecurity researchers Charlie Miller and Chris Valasek have demonstrated several proof-of-concept attacks where they were able to control the braking and steering of a car by accessing the adaptive cruise control system.5 Although costly and with a lower likelihood than data breaches and unauthorized entry, this sort of attack has now been proven possible to a global audience.

 

  • Unauthorized vehicle entry: Car thieves now have a new way to gain entry into locked vehicles. Many vehicle technologies have opted to replace physical ignition systems with keyless systems using mobile applications or wireless key fobs. These new access mechanisms mean that methods of obtaining illicit entry include intercepting the wireless communication between the vehicle and the mobile application or between the wireless fob and the vehicle to gain entry credentials, among other methods. The New York Times has documented methods such as wireless key emulation devices and “power amplifiers” that increase the range of the wireless signal looking for the entry credentials. If the owner is in a house or other location close to the car, criminals can then gain entry when their wireless fob responds.6

 

  • Mobile application security: As more automobile manufacturers release mobile applications that communicate with cars, mobile applications are quickly becoming a major target for malicious behavior. One example of a flaw in a mobile application happened when Nissan had to pull its NissanConnect EV application for the Nissan Leaf.7 The poor security of the application allowed security researchers to connect to the Leaf via the Internet and remotely turn on the car’s heated seating, heated steering wheel, fans and air conditioning. In an electric car, this meant the possibility a malicious actor could drain the battery of an unsuspecting owner. Mobile applications themselves can be vulnerable in a number of ways. According to Gartner, 75% of mobile applications would fail basic security tests.8 Mobile operating systems themselves are a source of concern—over the last four years, there has been a 188% increase in the number of Android vulnerabilities and a 262% increase in the number of iOS vulnerabilities.9
Posted in AI Stocks, Consumer Tech, Cybersecurity, Electric Vehicles, Internet of ThingsLeave a Comment on Top 5 Security Risks for Connected Cars

Is TV Advertising Dead? Ad Revenues Suggest Otherwise

Posted on June 12, 2018June 30, 2026 by io-fund
Is TV Advertising Dead? Ad Revenues Suggest Otherwise

Ideally, advertisers experience the same brand recall from TV combined with the audience-based targeting advertisers use in digital. By combining the best qualities of television with the addressability of digital, advertisers could have targeted, dynamic video ads in TV-quality streaming environments.

Cord cutters are getting a lot of attention these days. Perhaps justified considering 95% of homes with TV have access to services that can be viewed on another screen, contributing to the lowest growth rate ever for worldwide pay TV subscribers. Globally, Asia-Pacific saw the biggest gains adding 2.4 million homes compared to the Americas which added 850,000 homes and EMEA adding 210,000 homes[1].

However, while eyeballs may be shifting, many advertisers report TV ads delivering better ROI than digital. Coca-Cola’s global chief marketing officer famously declared to conference attendees they see $2.13 returned for every dollar spent on TV compared to $1.25 for dollars spent on digital.

A recent study by Accenture found that marketers over-state ROI from digital at almost 18% when seen as a standalone channel by failing to track and measure the halo effect from multi-platform television. Conversely, multi-platform TV’s adjusted ROI is understated by 10% according to the study by being mistakenly credited to single channels which analyzed $12 billion in anonymized marketing spend. In addition, while ROI from search, display and short-form video is high at initial spend levels, returns diminish as spend increases.

This infographic on The Current State of TV Advertising illustrates key points on the importance of TV Advertising today:

Posted in Digital AdsLeave a Comment on Is TV Advertising Dead? Ad Revenues Suggest Otherwise

New Trends in On-the-Go Entertainment for Flights and Cars

Posted on June 12, 2018June 30, 2026 by io-fund
New Trends in On-the-Go Entertainment for Flights and Cars

Smartphones have popularized the concept of on-the-go entertainment with users now spending over five hours per day on their mobile device. This steady demand is great for businesses as long as this usage has reliable 3G or 4G broadband, or WiFi access. Data efficiency decreases the farther one travels from metropolitan areas, whether that be by plane or automobile, whereas the demand for entertainment is constant.

In-flight entertainment systems and broadband are popular with 70 percent of survey respondents citing they would be willing to pay 7 USD for connectivity[1]. Total revenue from these passenger connectivity services will reach $5.4 billion by 2025 growing at a rate of 23 percent CAGR[2].

Wireless in-flight entertainment is expected to reach 9000 aircrafts by 2021 with connected commercial aircrafts reaching 23,100 by 2025. Market size is expected to reach 9.82 billion by 2024[3] with in-flight broadband growing at a CAGR of almost 11% [4].

While these estimates seem in-line, the IFE connectivity may achieve an even higher trajectory due to High Throughput Satellites (HTS). Connectivity will increase 3x reaching 1,500 Gbps by 2017 while increasing 5x to 285 Gbps in 2018. These increased data speeds will also lower costs contributing to more widespread adoption for IFE services.

Cars are also pushing forward on-the-go entertainment with the global in-car market expected to reach $33.8 billion by 2022 up from 14.4 billion in 2016. The automotive landscape is undergoing a drastic change with only 2% of cars online in 2012 compared to an estimated 90% to be connected to the IoT by 2020. [5].

An Infographic on Key Trends in On-the-Go Entertainment:

an infographic on key trends in on-the-go entertainment
Posted in Consumer Tech, Internet of Things, Mobile, TravelLeave a Comment on New Trends in On-the-Go Entertainment for Flights and Cars

5 Ways Hackers Attack Mobile Devices and Applications

Posted on June 12, 2018June 30, 2026 by io-fund
5 Ways Hackers Attack Mobile Devices and Applications

Hackers go about achieving their goals with reverse engineering software to find vulnerabilities they can exploit, data they can extract, or ways to modify the software to do something it was never intended to do. The primary consequences of applications getting hacked include financial loss, destroyed brand reputation, exposure to liability, and regulatory risk.

Over 7 billion identities have been stolen in data breaches over the last eight years equal to one data breach for every person on the planet. 

Why do Hackers Attack Mobile Devices and Applications?

In order to understand threats, we must understand what hackers are trying to achieve. Hackers will mount different kinds of attacks to achieve different kinds of goals. And so, defending against hackers in the context of application security may involve defending against many different kinds of attacks on your mobile device.

Hackers might be interested in bypassing business logic. For example, they might want to bypass controls that let them cheat at a video game or violate the terms of a software license. Of more serious concern is the potential for hackers to bypass controls in safety critical systems. It is not inconceivable that lives could be at risk if a hacker were able to hack a medical device, connected car or some component of critical infrastructure, such as a wind farm, a coal or nuclear power plant, a power grid, or a water treatment facility.

According to a recent study, automobiles today run systems that have more than 100 million lines of code. Those applications often contain valuable intellectual property, which hackers would rather steal than develop. For example, they might be a competitor or a nation state with inferior technology attempting to improve their own products in order to compete more effectively.

Hackers might also be interested in obtaining valuable pieces of data that are managed within the application, such as music or video, financial data, or privacy sensitive health data.

While data can be protected with cryptography, this only shifts the problem from protecting the data directly to protecting the cryptographic keys. Cryptographic keys are not only used to protect data. They can also be used to create a secure identity for a device.

A device may need such a key to authenticate to a cloud service. If a hacker were able to obtain this secret, they might be able to masquerade as that device or as the owner of the device. Cryptographic keys are also used to establish secure communications. For example, HTTPS is a familiar protocol that uses SSL/TLS to secure communication to websites. If a hacker were able to obtain these keys, they could snoop on or alter supposedly secure communications.

For all of these reasons, hackers are highly motivated to steal cryptographic keys embedded in or controlled by an application.

Sometimes hackers aren’t interested in the application itself, but using the application as a digital stepping stone to try to achieve some other goal. Hackers are often interested in obtaining root access on the device the application is running on, so they can install malware or use the device as a launch pad to attack something else.

Consider the 2016 Mirai botnet that infected web enabled cameras and installed a piece of malware that launched the largest distributed denial of service attack in history against the dynamic domain name service Dyn, causing wide spread internet outages. Those 100,000 cameras were able to launch 1.2 terabytes per second of data at a major piece of the global internet infrastructure. Here the goal of the attacker was not to compromise the webcam directly, but rather to bring down the web services of many companies whose DNS was controlled by Dyn.

Hacking Mobile Devices: Reverse Engineering and Tampering

Hackers employ two fundamental techniques when attacking: reverse engineering and tampering. If the hacker is trying to bypass business logic, they have to find where in the application the business logic resides. That requires reverse engineering. Then they typically must tamper with the application to bypass that logic.

If the hacker is trying to steal intellectual property, sensitive data or cryptographic keys from an application, they have to know where to look in the application. Unless those secrets are obvious, hackers need to reverse engineer the application to find them.

If the hacker is trying to create a stepping stone attack, they often use the workflow shown in Figure 1:

  • First, they find some vulnerability in the application, which again requires reverse engineering;
  • Then, they craft an exploit that takes advantage of that vulnerability;
  • Finally, they attack by launching the exploit to the application.

In a remote attack like the popular SQL injection attack, this may involve sending the message to the application over the internet. But if they have physical access to the device, which with mobile and IoT based systems can be as easy as a trip to the store, then they can directly tamper with the device.

Posted in Consumer Tech, Cybersecurity, Cybersecurity, MobileLeave a Comment on 5 Ways Hackers Attack Mobile Devices and Applications

How Mobile Devices and Cloud Computing Changed Security

Posted on June 12, 2018June 30, 2026 by io-fund
How Mobile Devices and Cloud Computing Changed Security

Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company. According to a recent SANS Institute study, organizations spend as much as 12 percent of their IT budget on security.

In a Ponemon Institute study, it was found that organizations have a 27.7 percent probability of having a material data breach in the next 24 months at an average cost of $3.62M.

Meanwhile, the world of computing has changed. Security is not just about physically secure data centers and corporate controlled computing assets. Instead, end users have gone mobile, connecting to cloud enabled services, often with their own personal devices. And with the rise of the Internet of Things, there will be billions of connected computing devices on the planet in the next several years.

The primary consequences of applications getting hacked include financial loss, destroyed brand reputation, exposure to liability, and regulatory risk. Over 7 billion identities have been stolen in data breaches over the last eight years equal to one data breach for every person on the planet. Meanwhile, mobile’s rapid expansion has introduced a complicated and potentially hostile environment that is difficult to manage and protect.

64 percent of security practitioners said they were very concerned about the use of insecure mobile applications in the workplace with an average of 472 mobile applications reported as actively used in organizations.

Prior to the advent of mobile computing, security was limited to corporate IT assets that were often physically secured in facilities owned and managed by the company, on a network behind a managed firewall, and possibly in a datacenter with multi-factor access, physical security, and armed guards. Because the company owned those assets, they were able to dictate what applications could run on those machines, and actively manage and monitor them, providing the latest patches, endpoint security, and other controls dictated by corporate IT. Assets located in such places were implicitly trusted.

Today, the situation has changed. Mobile devices dominate the market, often as the primary or only way users access the Internet and the many cloud services available. These devices also have very little, if any, physical security. It is a well-worn path hackers use to access such devices to reverse engineer or tamper with the applications running on them, often through rooting, jailbreaking or hoodwinking the user.

This shift has created all sorts of new business models to take advantage of the popularity of mobile devices.

 

These new business models come with new security problems:

  • New forms of payment using near field communications (NFC) on mobile devices are becoming popular in recent years. These applications require that credentials to authenticate users must be stored on the device. If those credentials are compromised, then a hacker can execute fraudulent transactions.
  • Mobile devices are being used in the automotive industry to enable remote parking from your smartphone. A compromise of the device could pose a serious safety risk.
  • In healthcare, patients are using mobile devices to manage sensitive information collected from various devices ranging from fitness monitors to blood glucose monitors to improve care and create data driven treatment options. A compromise of such a device can lead to a loss of privacy and sensitive information. Or even worse, if a device is hacked, it could potentially lead to life-threatening consequences for the patient.

 

Internet of Things

By 2025, the total global worth of IoT technology will reach USD 6.2 trillion with the most value coming from health care devices (USD 2.5 trillion) and manufacturing (USD 2.3 trillion). Meanwhile, we see a persistent lack of IoT security investment with 67 percent of medical device makers expecting an attack on their devices while only 17 percent taking measures to prevent an attack. These numbers are staggering when you consider U.S. hospitals have an average of 10 to 15 connected devices per bed with some hospitals registering 5,000 beds — totaling 50,000 connected devices per hospital.

Furthermore, traditional security solutions do not port well to the IoT world, due to differences in system architectures and resource constraints. Therefore, IoT security solutions have not evolved enough and are prone to numerous vulnerabilities.

Posted in Cloud Infrastructure, Data Center, Internet of Things, MobileLeave a Comment on How Mobile Devices and Cloud Computing Changed Security

Recent Posts

  • The IPO Glut of 2020: Why Valuations Have Gone Too Far
  • Zoom Discusses Two Important Catalysts In Q1 Earnings
  • Three Risk Management Tools the I/O Fund Offers
  • Micron Is Up 900%. Here’s Why the AI Memory Trade May Still Have Room to Run
  • Credo: Reliability Leader Aggressively Moves into Optics

Recent Comments

No comments to show.

Archives

  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • February 2018
  • January 2018

Categories

  • 5G
  • About
  • Accounting Tips
  • AdTech
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • Ai Platforms
  • AI Stocks
  • AI Stocks
  • Analysts
  • Application Monitoring
  • Application Monitoring
  • Applications
  • Applications
  • Applications
  • Applications
  • Applications
  • Applications
  • Applications
  • AR
  • Audit Reports
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Autonomous Vehicles
  • Avod
  • Avod
  • Battery Charging
  • Bear Market
  • Bitcoin
  • Bitcoin
  • Bitcoin
  • Bitcoin
  • Bitcoin
  • Bitcoin
  • Bitcoin
  • Blockchain
  • Blockchain
  • Blockchain
  • Blockchain
  • Blockchain
  • Blockchain
  • Blockchain
  • Broad Market Today
  • Bull Market
  • Bull Market
  • Chainlink
  • Chainlink
  • Chainlink
  • Chainlink
  • China Stocks
  • Cloud
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Infrastructure
  • Cloud Platforms
  • Cloud Platforms
  • Cloud Software
  • Cloud Software
  • Cloud Software
  • Cloud Software
  • Cloud Software
  • Cloud Software
  • Cloud Technology
  • Company
  • Company
  • Console Gaming
  • Console Gaming
  • Console Gaming
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer
  • Consumer Tech
  • Corrections
  • Crypto Investment
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Ctv
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Cybersecurity
  • Data
  • Data Analytics
  • Data Analytics
  • Data Analytics
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center
  • Data Center and Processing
  • Data Warehousing
  • Data Warehousing
  • Data Warehousing
  • Data Warehousing
  • Databases
  • Databases
  • Databases
  • Databases
  • Dating
  • Defi
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • Digital Ads
  • E-Commerce
  • Earning Updates
  • Earning Updates
  • Earning Updates
  • Earning Updates
  • Earning Updates
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • Earnings Report
  • ECommerce
  • Electric Vehicles
  • Electric Vehicles
  • Electric Vehicles
  • Electric Vehicles
  • Electric Vehicles
  • Electric Vehicles
  • Electric Vehicles
  • Energy Stocks
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Enterprise
  • Ethereum
  • Events1
  • Events1
  • Exchange
  • Faq
  • Finance
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Analysis
  • Financial Markets
  • FinTech
  • Fundamental Analysis
  • Gambling
  • Gaming
  • Genomics
  • Glossary
  • Green Energy
  • Growth Stocks
  • Growth Stocks
  • Growth Stocks
  • Headsets
  • Headsets
  • Health Tech
  • Hydrogen
  • Identity
  • Identity
  • Identity
  • Inflation
  • Inflation
  • Inflation
  • Internet of Things
  • Interviews
  • Interviews
  • Interviews
  • Interviews
  • Investing
  • Investing
  • Ltbh
  • Ltbh
  • Ltbh
  • Ltbh
  • Ltbh
  • Macro Trends
  • Macro Trends
  • Market Trends
  • Market Trends
  • Market Trends
  • Market Trends
  • Market Trends
  • Market Trends
  • Market Trends
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Market Updates
  • Media
  • Membership
  • Mining
  • Mobile
  • Mobile
  • Mobile
  • Mobile
  • Mobile Gaming
  • Mobile Gaming
  • Mobile Gaming
  • Multimedia
  • Music Streaming
  • NVDA | NVIDIA Corporation
  • Performance Updates
  • Pin Content
  • Podcasts
  • Podcasts
  • Podcasts
  • Portfolio
  • Premium Research
  • Press Releases
  • Press Releases
  • Productivity
  • Productivity
  • Productivity
  • Productivity
  • Productivity
  • Productivity
  • Productivity
  • Reports and Whitepapers
  • Research Services Preview
  • Resources
  • Resources
  • Semiconductor Stocks
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Semiconductors
  • Social Media
  • Social Media
  • Social Media
  • Social Media
  • Social Media
  • Social Media
  • Social Media
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Software
  • Solar
  • Solar
  • Stock Analysis PDFs
  • Stock Updates
  • Stock Updates (Blogs)
  • Supplychain
  • Supplychain
  • Supplychain
  • Supplychain
  • Supplychain
  • Supplychain
  • Svod
  • Svod
  • Svod
  • Svod
  • Svod
  • Svod
  • Tech Podcast
  • Tech Stock News
  • Tech Stock News
  • Tech Stock News
  • Tech Stock News
  • Tech Stock News
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Tech Stocks
  • Technical Analysis
  • Telehealth
  • Telehealth
  • Telehealth
  • Telehealth
  • Testing Equipment
  • Testing Equipment
  • Top Tech Stock News
  • Travel
  • Trends Report
  • Tutorials
  • Uncategorized
  • Updates
  • Updates
  • Updates
  • Video
  • Video
  • Video
  • Video
  • Video Footage
  • VR
  • Webinar Alerts
  • Webinar Alerts
  • Webinars
Proudly powered by WordPress | Theme: iofund by iofund.co.uk.