A backup medium (SSD or whatever) which only allows writes to empty space. Unless a switch is manually switched from "write" to "update".
In "write" mode, it would only allow writing to empty space.
In "update" mode, it would allow writing everywhere.
I would leave it in "write" mode most of the time. For me, a typical SSD has enough space for years of incremental backups. If I should ever want to delete old backups, I would set it to "update" mode to do that and then set it back to "write" mode.
I really wouldn't trust this if the hardware encryption on SSD's is anything to go by. Microsoft actually defaulted Bitlocker to software encryption because the state of things were so bad.
I'm also wondering how the hashes will be kept up to date. Will it require a host program to communicate with the drive over a proprietary protocol? If so then that arguably makes this pointless, as obviously they're only going to work on Windows.
As a matter of principle, I'm opposed to attaching even more computers outside the user's control to supposedly "personal" computers.
In the pursuit of security (or just the excuse of it), more functionality is being given to opaque, locked systems (SSD firmware, management engines, etc.), instead of freedom-respecting solutions (there is no technical reason systems can't be fully open-source, with user-controlled cryptographic keys, and a tamper-evident mechanism as some smartphones already have - i.e. a "bootloader unlocked" warning message).
This moves power away from users and to the manufacturers, contributes to the jenga-tower of technical complexity, and eventually worsens security, once vulnerabilities in these systems are inevitably found:
The modern "Software operating system" is a lie, it talks to an abstraction of other systems that masquerade as a predictable machine presented to them with known interfaces.
How would it ever work without the companion software? One of the motivation is that users don't install anti-ransomware software, but they do have to install this companion software that is effectively anti-ransomware, don't they?
I don't see the appeal compared to a fully software-based solution.
Some people argue that sufficiently advanced ransom ware will evade or disable your software only solution but the same could be true of this it is just different and possibly more difficult to evade
Detecting and/or preventing encryption might be useful, but since recent ransomware also downloads sensitive data files and uses the threat of disclosure to force payment, the encryption is only part of the problem.
What I would trust:
A backup medium (SSD or whatever) which only allows writes to empty space. Unless a switch is manually switched from "write" to "update".
In "write" mode, it would only allow writing to empty space.
In "update" mode, it would allow writing everywhere.
I would leave it in "write" mode most of the time. For me, a typical SSD has enough space for years of incremental backups. If I should ever want to delete old backups, I would set it to "update" mode to do that and then set it back to "write" mode.