A Slashdot reader laid bare the mistake, which included the fact that the hacker had an open SSH connection to work with. I wonder how many designers, illustrators, writers, and (in my case) finance geeks who tinker with open source projects, keep remote access on their machines on all the time? As usual for OS X, it is turned off by default.
As one commenter noted:
I think you can’t “see the forest for the trees.” The original test was equivalent to saying “I’ll let a thief into my house. Let’s see if he can steal anything!” Most houses don’t have everything bolted down to the floor. But how often do you allow someone into your machine? For a desktop, not often, perhaps never.
Despite this news, the person who broke into the Mac box (after being handed a partial set of keys) is mocking Apple security anyway. I suspect someone really needs some attention.