Haha, I have never been so nasty but I fooled around a little I have to admit.
In IT classes, we had like 20-30 work stations running SunOS with X. I would set my display to another student station,
DISPLAY=other_student_ip ; export DISPLAY
wait until the teacher comes to his station then launch netscape with a porn site target URL. I had good laughs back then. Student would usually try to close the netscape windows while the teacher would give him a suspicious look maybe thinking it was already open and minimized and that the student had just maximized the window by mistake. I could have got caught easily I assume if he left it running and instead investigated where that window was coming but I didn't risk much getting caught.
Also, X allowed you to get the keys typed on any station and steal login credentials then access other student accounts.
Some stupid student had pictures of himself naked with his gay friend in his University home folder! ;-)
Back then the laws weren't very clear about such activities as long as you didn't tamper the data, steal it for your own use, use it to blackmail somebody, try to get money or other advantages from it, etc. so I stayed on the safe side and only looked around although I was tempted to post the gay guys pictures somewhere public. Like today, I must have already been some kind of a white hat since I didn't and didn't mention it to anybody either.