Do your worst . . .
The challenge is as follows: simply alter the web page on this machine, test.doit.wisc.edu. The machine is a Mac mini (PowerPC) running Mac OS X 10.4.5 with Security Update 2006-001, has two local accounts, and has ssh and http open – a lot more than most Mac OS X machines will ever have open. Email das@doit.wisc.edu if you feel you have met the requirements, along with the mechanism used. The mechanism will then be reported to Apple and/or the entities responsible for the component(s). Going after other hosts/devices on the network is out of bounds.
So you can get the source to the OS and the daemons running on it (ssh and http) — which is more of a headstart than you get with Windows. Let’s see if anyone can do it.
[tip]