> It runs in a privileged environment separate from the kernel and blits the light directly onto the screen hardware.

That explains how it can still be safe from even kernel-level exploits. Neat approach, and it works for the microphone light too.