On my Android, create a vault. Designate that vault as the Save Location for my Camera. Unlock the vault. Take photos that will be saved into the vault. Lock the vault (encrypting the contents). Let the vault sync between my Android and my Windows PC without using a cloud service (using resilio sync or syncthing). Then on my Windows PC unlock the vault and access the photos.
The goal is to never really let the photos taken land in the android file system.
Kind of, if you enable automatic photo upload, all pictures stored on the phone will be continuously uploaded, including those taken with the camera.
The upload is triggered when
the vault gets unlocked and images have been stored on the smartphone since the last unlocking.
the vault is already unlocked and an image is stored. This image will be immediately uploaded.
I have a separate vault for those auto upload images and keep it always unlocked so that every time a picture is saved on the phone it is automatically uploaded into the vault. I always leave other vaults locked, only when I need to check or edit something I unlock it for a short time and lock it again. This will be even better as soon as set auto lock timeout per vault is implemented.
edit: I did not realize that you can share into an unlocked vault. So for now as a sort of work around I can take pictures in an encrypted camera and then share those pictures from that camera gallery into cryptomator and then lock and sync the vault.
I think I have the same interest as you. I’d like to photograph sensitive documents and send them straight to a vault. I didn’t know there were encrypted camera apps but after reading your comment I went searching. I found Stingle Photos which is open source. It seems to work pretty well. I disabled all the connections to their backup services. The app can unlock with biometrics. The photo goes straight into Stingle encrypted storage. From their I can shared it to cryptomator. I haven’t completely figured out my workflow but I think in the future I’ll probably delete the photo from Stingle once it is shared to cryptomator since I plan on a backup strategy for cryptomator and I’m not as familiar with how well Stingle protects the data.
Since these two apps (Stingle photos and Cryptomator) are using different encryption, it must be unencrypted during transmission between the two apps, but that seems like a relatively small window of vulnerability.
I wish I could contribute some code to cyptomator… it’s an amazingly useful tool. I don’t have the programming chops to do anything like that though. I have great respect for the guys that do program and support cryptomator, it’s a worthy mission.
I imagine that the Document Provider upgrade would give some new options for taking photos securely. For example, I think I would be able to set up a 2nd camera app on my phone whose photo save destination was a cryptomator vault. It remains to be seen exactly what that would look like (when do I have to sign in, and do I have to do it from outside the camera app), but at any rate I’m excited about that Document Provider upgrade in the works.