I have already pointed out that I do not see any alternative to TrueCrypt for encrypting data on disk. TrueCrypt is the only tool that we can more or less trust so far. You will probably remember that Bruce Schneier recommended using Windows encryption, BitLocker, instead of TrueCrypt, and I called that idea nonsense. To prove me right, here comes the Windows 10 End User License Agreement (EULA), which states explicitly that Microsoft will retain the keys to the encryption.
This is rather amazing but, indeed, if you use BitLocker to encrypt the data on disk, the key will be copied by Microsoft to the OneDrive servers. Of course, that makes the encryption quite pointless, as the OneDrive servers are controlled by Microsoft and they will give the key to government authorities and intelligence agencies.
Moreover, Microsoft actually reserves the right to do anything they want with all your data, which by definition includes your keys and the data protected by the encryption:
“We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services.”
So, really, not only is all of your information accessible to the government and intelligence agencies, but even the company itself will access and manipulate your data whenever they believe it “necessary”.
Yes, TrueCrypt remains the only tool for disk encryption on Windows and you cannot, in good faith, claim that BitLocker is a good substitute for it. And, really, go Linux already.