Usually, local exploits are easier to find and give you full access to the system, so having an account in that computer made the challenge much easier. It’s not very normal to find a server connected to Internet where anyone can login and create his own account.

Another owner of a Mac mini has decided to try this again, but this time not allowing the creation of local accounts. The server is located at the University of Wisconsin and the instructions are at Mac OS X Security Challenge. Will anyone be able to hack into this system and modify the webpage? Maybe or maybe not, but at least, this is a more realistic scenario than the other contest.

From | Netsec 

But these viruses are not the only threats to Mac OS X as the owner of rm my Mac discovered a few days ago. Trusting his operating system, he invited hackers to try to delete (rm is the unix instruction for deleting files) all the files in the disk of his mac mini, which was connected to Internet.

Six hours later, he discovered that it had been hacked, but the attacker didn’t remove his files, although he could have done it. According to the hacker, the machine was attacked with some unpublished exploits for Mac OS X which have not been been made public yet neither have been patched.

So, if you own a Mac you should better be aware of this and try to protect it. A firewall and deactivating all not needed services is the least you can do. I don’t currently own a Mac, so I don’t know if the default configuration already does this (should do it), but better check it before it’s too late.

From | ZDNet