Well that was my thinking RR - that a disk hosted on another OS would be safe...

Consider inotify...

INOTIFY(7)                                          Linux Programmer's Manual                                         INOTIFY(7)

NAME
       inotify - monitoring filesystem events

DESCRIPTION
       The  inotify API provides a mechanism for monitoring filesystem events.  Inotify can be used to monitor individual files, or to monitor directories.  When a directory is monitored, inotify will return events for the directory itself,  and  for files inside the directory.

       The following system calls are used with this API:

       *  inotify_init(2) creates an inotify instance and returns a file descriptor referring to the inotify instance.  The more recent inotify_init1(2) is like inotify_init(2), but has a flags argument that provides access to some extra function‐ality.

       *  inotify_add_watch(2)  manipulates  the  "watch  list" associated with an inotify instance.  Each item ("watch") in the watch list specifies the pathname of a file or directory, along with some set of events that the kernel should monitor for  the  file  referred  to  by  that pathname.  inotify_add_watch(2) either creates a new watch item, or modifies an existing watch.  Each watch has a unique "watch descriptor", an integer  returned  by  inotify_add_watch(2)  when  the watch is created.

       *  When  events  occur  for monitored files and directories, those events are made available to the application as structured data that can be read from the inotify file descriptor using read(2) (see below).

etc, etc....

or you could just set up a RAID array.

@Anonymous wrote:

The majority of ransomware is written in C and targetted at Windows due to the user base and is downloaded to the victim via JS..

---

It was my understanding that javascript could not touch the users file system so how is that done then?

As far as i'm aware most drive by downloads are actually powered by flash which does have the ability to play filing cabinets..

---

@Alex wrote:
I wonder if you can setup some kind of automatic replication, so as soon as you save a file on one device, it goes to the other. So both are always up to date?

---

You could set up DFS (Distributed File Server) on Microsoft Server 2003R2 - or later to do this.  But it is still Microsoft and I think still uses SMB, so solve one problem and gain a few more!

Yes, sadly the only way I think to go is to use CD/DVD/Blu Ray media. Keep it wherever in the house.

The hackers will find some other exploit in the future, and now they've learnt it makes them money it will continue. It wouldn't surprise me if they share the source code with each other and adapt it for the next one.