| Challenge | Description |
|---|---|
| LAN Mistrust | Where IoT devices that rely on local network based authentication |
| Environment Mistrust | When the IoT device trusts the physical environment (e.g. trust a camera is not moved, or for voice assistants that the voice speaking physically nearby is allowed) |
| App Over-Privilege | Where apps can perform unauthorized/unexpected actions on multi-app platforms (e.g. ) |
| Weak Athentication | For example speakers that allow anyone with bluetooth in range to connected. |
| Implementation Flaws | Hardcoded credentials, [[Cross Site Scripting|XSS]], open ports and debugging functionality, unencrypted transmission |