As mentioned above, a finer granularity in raw input is the first thing required. This could be done fairly quickly with a little hacking inside the X server. It would also be helpful to put some more intelligence on the outside of the running probability generator, to determine whether the results are inconclusive, authentic, or a probably indicate an intrusion. A neural net would probably be a good tool here. An application of this would be to incorporate it into a screen saver so that when the user steps away from his or her terminal without logging out nor locking the screen, if someone else were to come and begin typing, the intrusion would be detected and a password required. The authentic user, on the other hand, could resume work without the inconvenience of a password. Since the majority of security problems come from people not using security measures provided to them because of inconvenience, this added convenience would actually go a long way toward improving security of unattended terminals.