Edit: I was wrong on all counts, see chuckup comment below. This happens after boot in cooperation with the OS. Encryption and secure boot are irrelevant.
I presume this type of firmware enabled OS modification will not be able to work with drive encryption enabled, but does secure boot help at all in this situation? Presumably Lenovo includes their own signing key in their firmware so their signed executables would also be trusted. Or is this not something secure boot would verify?
It is probably more of a desire to reduce the effects of RSI and prevent jumping all over the keyboard. We don't necessarily write code at break-neck speeds, but we do need to use modifiers and special keys more than the average keyboard jockey.
That beign said... typing speed is also important. I've always written a large amount of prose as part of my job (compared to most non-programmers). And not just time-wasting typing at HN, but documentation, job-related emails, etc.