How do you know that was the case here?
Anyway, if Terminal is known to be insecure for local users, why does it default to being available, or alternately, why hasn't it been patched so it is secure?
Terminal is not insecure [sic]. It. Is. An. Application. Apps are meant to be run; but not by people on a multi-user system who do not NEED to run them (hell - the windows systems we have at work: the admins don't even let us do our own scandisks and defrags).
Obviously, like the OS installation on your home computer, there are a limited number of users and you don't give-out accounts to people who would potentially try to hack your system (except maybe for your kids; but you can beat them if thehy f! it up).
If you don't want users to do bad things, don't give them the tools. If you're stupid enough to WANT people to try to hack your system remotely and you give them accounts on the system and you leave the tools lying-around for them to use... <shrug>
This kid screwed the 'test' by giving hackers everything they NEEDED to destroy the system.
It's. A. Non-. Story.