I'm guessing, from what I've read in passing from people who know what they are talking about, I'm not an expert. Get a weird device, that is unlikely to have anything the exploit is expecting. Load an OS with a sandbox mode. Keep a bunch of testing software on that device. I think there's some way to see if the data's state has changed before and after plugging it in, or an OS that doesn't allow it's state to change.