> You're only safe if you have offsite backups with drives that didn't mount to your computer recently.
Or if your backup solution is—from the perspective of the computer being backed up—an append-only store. Like a box of tapes, or Tarsnap using restricted keys, or Arq pointed at a versioned S3 bucket, or a NAS exposing an iSCSI target backed by an LVM thin pool LV with automatic daily snapshots.
Sadly, as far as I know, no turn-key hardware "home backup" or "home NAS" product is in that category, though.
I've seen this in practice - the two person business with a file server, and a NAS they backed up onto. For the size of the business, they were doing everything right.
Every time I say this, someone chimes in and says that in their office, they air gap tape drives and do all sorts of things with storage snapshots. If you're an enterprise - great. A large proportion of "two laptops" businesses have no backups at all, or a "I selectively place important things in Dropbox" setup. This team went and bought a NAS and setup backups. Good on them. It was sad to see cryptolocker take down both desktops, and all backups on the NAS.
The email he received sent him to a website with a convincing looking download, which came up 0/55 on virustotal. He even told me he wouldn't have run an executable - but it was a Word document. It can be truly depressing to see who cryptolocker affects sometimes.
Fortunately, there do exist several inexpensive and user-friendly incremental cloud backup solutions. For a few bucks a month you can back up everything to Cloudflare or Backblaze and be fine even if your primary copy and recent backups all get hosed.
I've contemplated setting up a small home server with write-only shares for backups, but ended up not doing it because of the cost and time. If there were a reasonably priced off-the-shelf product for this, I'd recommend it to everyone I know.
On the other hand, if there were an off-the-shelf product for this, it would probably have unpatched security issues two weeks after you bought it, and if it were in common use you'd see ransomware targeting it. Tough problem to solve if you're not running and maintaining your own devices.
I suppose tarsnap or S3 would be the way to go, I'm just not that into cloud backups. Maybe it's time to get over that.
> if there were an off-the-shelf product for this, it would probably have unpatched security issues two weeks after you bought it
I'm waiting for the NAS "appliance" that's actually running CoreOS, and then just relies on running the :latest tag of some popular Docker image (and not a fork of it that they'll forget to update eventually; the original upstream image), plus a bit of config-file glue generated into a shared volume from a web-UI service running in another container. (Bonus points if the second container is only started up, for an hour at a time, when you press a button on the NAS, WPS-style.)
Such a design is essentially the same as shipping the device's OS as "firmware" with auto-updates, but for the fact that the vendor themselves isn't anywhere within the path of creating or distributing those updates. Which, in the end, makes all the difference.
Or if your backup solution is—from the perspective of the computer being backed up—an append-only store. Like a box of tapes, or Tarsnap using restricted keys, or Arq pointed at a versioned S3 bucket, or a NAS exposing an iSCSI target backed by an LVM thin pool LV with automatic daily snapshots.
Sadly, as far as I know, no turn-key hardware "home backup" or "home NAS" product is in that category, though.