On my Android, create a vault. Designate that vault as the Save Location for my Camera. Unlock the vault. Take photos that will be saved into the vault. Lock the vault (encrypting the contents). Let the vault sync between my Android and my Windows PC without using a cloud service (using resilio sync or syncthing). Then on my Windows PC unlock the vault and access the photos.
The goal is to never really let the photos taken land in the android file system.
Kind of, if you enable automatic photo upload, all pictures stored on the phone will be continuously uploaded, including those taken with the camera.
The upload is triggered when
the vault gets unlocked and images have been stored on the smartphone since the last unlocking.
the vault is already unlocked and an image is stored. This image will be immediately uploaded.
I have a separate vault for those auto upload images and keep it always unlocked so that every time a picture is saved on the phone it is automatically uploaded into the vault. I always leave other vaults locked, only when I need to check or edit something I unlock it for a short time and lock it again. This will be even better as soon as set auto lock timeout per vault is implemented.
edit: I did not realize that you can share into an unlocked vault. So for now as a sort of work around I can take pictures in an encrypted camera and then share those pictures from that camera gallery into cryptomator and then lock and sync the vault.
I think I have the same interest as you. I’d like to photograph sensitive documents and send them straight to a vault. I didn’t know there were encrypted camera apps but after reading your comment I went searching. I found Stingle Photos which is open source. It seems to work pretty well. I disabled all the connections to their backup services. The app can unlock with biometrics. The photo goes straight into Stingle encrypted storage. From their I can shared it to cryptomator. I haven’t completely figured out my workflow but I think in the future I’ll probably delete the photo from Stingle once it is shared to cryptomator since I plan on a backup strategy for cryptomator and I’m not as familiar with how well Stingle protects the data.
Since these two apps (Stingle photos and Cryptomator) are using different encryption, it must be unencrypted during transmission between the two apps, but that seems like a relatively small window of vulnerability.
I wish I could contribute some code to cyptomator… it’s an amazingly useful tool. I don’t have the programming chops to do anything like that though. I have great respect for the guys that do program and support cryptomator, it’s a worthy mission.
I imagine that the Document Provider upgrade would give some new options for taking photos securely. For example, I think I would be able to set up a 2nd camera app on my phone whose photo save destination was a cryptomator vault. It remains to be seen exactly what that would look like (when do I have to sign in, and do I have to do it from outside the camera app), but at any rate I’m excited about that Document Provider upgrade in the works.
I thought I could use Cryptomator on Android as a target to save things secure. This is my fault because I imagined it to work like this without reading exactly.
I would like to use it for photos but also for backups from other apps that allow to save the backup to the file system.
What I miss is to not expose these files to the file system and thus to all other apps.
One “work-around” is to unlock the cryptomator vault using the android cryptomator app, and then you can “share” from your other app(s) into the cryptomator vault. It works pretty well for me to get stuff IN to a vault. But if an app is looking for a directory to save a file (something that can’t be shared) then that probably won’t work. You’d be stuck saving locally, importing into cm, then going back to delete the local file (lots of extra steps and room for error).
Taking pictures without any temp files outside of Cryptomator is a big wish for me too. Think about important finance data that you like to archive digitally.
Many encrypted cloud storages like sync.com offer this feature.