Could your microcontroller expert comment on the possibility of a Quiet Pro keyboard having its controller firmware changed over the USB link? This is assuming the OS of a connected system has been completely compromised.
The report on #badBIOS has raised important questions about devices which get plugged into a great number of systems over their lifetime and possibly act as a vehicle for malware. I also noticed that J. Rutkowska at ITL (security research) has commented "Generally USB keyboards is something we really don't like...". The picture I'm getting is not encouraging, but can Matias provide any reassurance about their products?
It's interesting that I saw your question within minutes of seeing this suggestion from another GHer...
Layout: Never one fits all. No one can design universal layout for everyone. Programmability is required.
1) Reprogrammable controller.
The keyboard will get to be fully programmable by user community endeavor if MCU datasheet and toolchain are publicly available. No need extra customer support cost for manufacturer!
Widely pervasive Atmel AVR or ARM Cortex is preferable? I think we'll happily pay the cost for that if it is like $5-10.
Anyway, to answer your question, no that's not possible.
They would need to gain physical access to the keyboard to be able to change it, and they would need to know technical details which we have not disclosed. It's not enough to just run some software. If someone malicious gains physical access to your computer, the keyboard is the least of your concerns.
Setting aside all the technical and logistical hurdles to doing this, the microcontroller in the keyboard doesn't have enough memory to store anything more than the keyboard layout, so it wouldn't have anywhere to put any information captured.
With regards to security, wired keyboards are as safe as they come. You don't need to worry.