This sort of thing has been known for a very long time -- for instance, the reason why most modern login managers restart the X server when you log out is to prevent somebody from leaving a program running that can access the next user's screen or keystrokes. Since the X Window protocol allows applications to find out about keypress events, it's not surprising that if you can run an arbitrary application then you can run a keylogger.

There are lots of keyloggers available for Windows, too; I'm not sure why the author thinks that this is somehow Linux-specific. She obviously is pushing her pet "Qubes OS" project.

The ASP was a complex machine to program and included about 20,000 lines of C code to program.

For anyone else who was confused about what this sentence was trying to say, the original statement in the hackaday article makes a whole lot more sense:

The ASP was a complex machine to program. The Deep Note took about 20,000 lines of C code to program.