3

Is there any type of file whatsoever that can -not- be encrypted? Is there any data that can't be encrypted by the regular RSA encryption methods?

Also, does anyone know what files the cryptolocker family actually encrypts? Are there any file-types that are safe at the moment?

Matthew
Robin

2 Answers

8

No, any data can be encrypted. There are some types of data it doesn't make much sense to encrypt (e.g. data which is already encrypted), but there is nothing that inherently prevents you from doing it. Remember that most encryption algorithms don't work on files internally - they work on streams of bits. Since all files are made of streams of bits, they don't care what the actual content is, and will happily output a different stream of bits which we call the ciphertext or encrypted file.

As a result of this, technically there are no restrictions on what any ransomware could encrypt. It would be entirely feasible to have a ransomware application which used the Truecrypt source and performed full disk encryption, leaving a minimal boot area prompting for a decryption key once you've paid the ransom.

Any files which aren't encrypted by cryptolocker or other similar malware are down to specific choices by the designers. They may have decided that encrypting .dll files was likely to break Windows too much for the user to be able to access the payment methods, or that no-one cared enough about their .bat files to make it worth encrypting them. This also suggests that relying on specific file types not being encrypted is a bad strategy, since it would be trivial for the designers to change these at any point.

Matthew
  • Streams of bits, or blocks of bits. – user Feb 19 '16 at 13:39
  • Michael Kjörling, both, if your block size happens to be one bit. :-) A file can be any size, so it's best to call it a stream. It does indeed take up a particular number of blocks on the file system, but that's file-system dependent and is quibbling over what exactly the file "is". – Omniwombat Mar 17 '16 at 01:21
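
The point made in the answer above, that a cipher transforms bytes without regard to file type, as an added example that is not part of the original answers. The keystream construction, key and sample contents are constructed for illustration (a toy SHA-256 counter keystream, not a production cipher); the entropy and magic-byte checks show what a defender can observe regardless of the file's extension.

```python
import hashlib
import math
from collections import Counter

def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream: SHA-256(key || counter) blocks. Illustration only."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Encrypts or decrypts: XOR with the keystream is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    counts = Counter(data)
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts.values())

# Constructed samples: only the leading magic bytes are real format markers.
SAMPLES = {
    "report.pdf": b"%PDF-1.4\n" + b"constructed body text " * 200,
    "photo.jpg": b"\xff\xd8\xff\xe0" + bytes(range(64)) * 70,
    "library.dll": b"MZ" + b"\x00" * 4000,
    "notes.txt": b"hello world\n" * 350,
}
MAGIC = {"report.pdf": b"%PDF", "photo.jpg": b"\xff\xd8\xff", "library.dll": b"MZ"}

def survey(key: bytes = b"constructed demo key"):
    """Return {name: (magic_intact, entropy_before, entropy_after, round_trip_ok)}."""
    result = {}
    for name, plain in SAMPLES.items():
        ct = xor_cipher(key, plain)  # the file name is never consulted
        magic = MAGIC.get(name)
        intact = ct.startswith(magic) if magic else None
        result[name] = (intact, entropy(plain), entropy(ct), xor_cipher(key, ct) == plain)
    return result

if __name__ == "__main__":
    for name, row in survey().items():
        print(name, row)
```

Every sample, including the one named `.dll`, comes out near 8 bits per byte with its magic bytes gone, which is why a content-based check (header mismatch, entropy jump) is a more useful signal than the extension.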
2

As stated, any data can be encrypted. Digitized data at its lowest level is a string of 1's and 0's, at a slightly higher level is/can be expressed in hexadecimal (numbers in a base 16 format) and at a higher level than that are just a collection of numbers mapped to the characters we recognize through an encoding scheme, such as ASCII, for example... we see "a", but that's just character 97 (decimal) in the ASCII character encoding table.

So, all digital data is a collection of numbers, and cryptographic algorithms are fundamentally nothing more than (very complicated) mathematical functions. So yes, feed numbers into a mathematical function, and you get different numbers out. You can do that with any numbers, so by extension, you can do that with any computer data/filetype. Obviously, it makes more sense to do with some files than others, but at the same time, there is full disk encryption as well, which will encrypt everything on a disk, including (but not limited to) every single file.

Cryptolocker and most related crypto malware target document filetypes for encryption. Specifically which filetypes are encrypted varies based on the specific variant or family, but it's generally anything an end user is likely to directly use. Pictures, Office documents, PDFs, media files (audio and/or video), etc. The reason for this is simple economics - they want to target files that users are a) willing to pay to recover and b) can't get back just by reinstalling whatever OS or program.

The list of filetypes encrypted by Cryptolocker, specifically:

*.odt, *.ods, *.odp, *.odm, *.odc, *.odb, *.doc, *.docx, *.docm, *.wps, *.xls, *.xlsx, *.xlsm, *.xlsb, *.xlk, *.ppt, *.pptx, *.pptm, *.mdb, *.accdb, *.pst, *.dwg, *.dxf, *.dxg, *.wpd, *.rtf, *.wb2, *.mdf, *.dbf, *.psd, *.pdd, *.pdf, *.eps, *.ai, *.indd, *.cdr, *.jpg, *.jpe, *.jpg, *.dng, *.3fr, *.arw, *.srf, *.sr2, *.bay, *.crw, *.cr2, *.dcr, *.kdc, *.erf, *.mef, *.mrw, *.nef, *.nrw, *.orf, *.raf, *.raw, *.rwl, *.rw2, *.r3d, *.ptx, *.pef, *.srw, *.x3f, *.der, *.cer, *.crt, *.pem, *.pfx, *.p12, *.p7b, *.p7c

Note that Cryptolocker is just one of the crypto ransomware families... there's also CryptoWall and others. CryptoWall variants tend to focus more on media files and the like than Cryptolocker, as well as including more advanced techniques for eliminating shadow copies and other methods of recovering files without paying up. Probably also worth pointing out that Cryptolocker targets more business-use filetypes than CryptoWall.

As the operating system and its applications are turned into the delivery platform for the ransom demand, system files are avoided by all major crypto ransomware families. For one thing, most users wouldn't know what a given dll or exe does anyway, and for another, if it were to go about encrypting those files, it would render the system unusable, which would prevent the ransom demand from being delivered. So, as far as file types that are safe from Cryptolocker, specifically, anything not on the list above, but as far as what's safe from crypto ransomware in general... not much.

The best mitigation strategies are having backups of your data, proper use of account permissions (and not running as an administrative user), because these programs operate with the permissions of whatever user account happens to execute them, and at least for Windows-based systems, restrictions on which applications are allowed to execute from users' temporary folders.

HopelessN00b
  • So basically if you have a file you hide in a system folder or you save as a .dll script it could potentially be safe from ransomware? – Robin Feb 19 '16 at 11:18
  • @Robin Well... yes, I suppose that would probably work. But moving and/or changing the file extensions of all the files you want to prevent from being encrypted seems like a lot more work than ... well, for lack of a better phrasing ... "doing it right." – HopelessN00b Feb 19 '16 at 11:23
  • Yeah I suppose, I just wanted to test if I can make a Python program to convert all my files to a file type not targeted by the rising danger of ransomware. I know you can just backup off-site, and just avoid the spam mail and fishy sites, but this is a lot more fun :) – Robin Feb 19 '16 at 13:13