RE: No transaction fee
As for the spamming, I know what you mean as it increases the very paradigm of that entanglement they are looking for. Sorry, don't have the right words to describe it, but I think I know what you mean. However...
The attack vectors, I meant were more general... like why is it not open source? Why did they have that cryptographic vulnerability (curl hash functions) and took them a long time to fix it fro when they found out? Why is there a 3rd party needed (they use the trusted coordinator model) for verification (defeats the purpose of decentralized network, no? I mean, they can't even see an attack happening under this model!). What about IOTA using ternary instead of binary (code harder to read, can't use the current security tools)... ALL VERY FISHY!