In cryptography, a watermarking attack is an attack on disk encryption methods where the presence of a specially crafted piece of data can be detected by an attacker without knowing the encryption key.
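Disk encryption suites encrypt and decrypt each sector independently, so that any sector can be accessed without its neighbours. Thus, with CBC, each sector has to have its own initialization vector (IV).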
If these IVs are predictable by an attacker (and the filesystem reliably starts file content at the same offset from the start of each sector, and files are likely to be largely contiguous), then there is a chosen-plaintext attack which can reveal the existence of encrypted data.
The problem can be relatively easily eliminated by making the IVs unpredictable with, for example, ESSIV.[1]
Alternatively, one can use modes of operation specifically designed for disk encryption (see disk encryption theory).
This weakness affected many disk encryption programs, including older versions of BestCrypt[2] as well as the now-deprecated cryptoloop.[3]
To carry out the attack, a specially crafted plaintext file is created for encryption in the system under attack, to "NOP-out" the IV[4] such that the first ciphertext block in two or more sectors is identical.
The ciphertext block patterns generated in this way give away the existence of the file, without any need for the disk to be decrypted first.
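
The difference between a predictable per-sector IV and ESSIV can be checked with a short simulation. The following is an added example, not code from the original article or from any disk encryption product. It assumes a toy Feistel cipher built on SHA-256 as a stand-in for a real block cipher, the sector number used directly as the weak IV, and constructed key and marker values; all function names are hypothetical.

```python
import hashlib
from collections import Counter

BLOCK = 16    # cipher block size in bytes
SECTOR = 512  # disk sector size in bytes

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """4-round Feistel network over SHA-256; a stand-in for AES, not secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def plain_iv(key: bytes, sector: int) -> bytes:
    """Predictable IV: the sector number itself (key is unused by design)."""
    return sector.to_bytes(BLOCK, "little")

def essiv(key: bytes, sector: int) -> bytes:
    """ESSIV: encrypt the sector number under a hash of the disk key."""
    return toy_encrypt_block(hashlib.sha256(key).digest(), plain_iv(key, sector))

def cbc_encrypt_sector(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(data), BLOCK):
        prev = toy_encrypt_block(key, xor(data[i:i + BLOCK], prev))
        out += prev
    return out

def repeated_first_blocks(iv_func, key: bytes, sectors: range) -> int:
    """Encrypt a file whose first block per sector is marker XOR sector number,
    then return the largest number of sectors sharing one first ciphertext block."""
    marker = b"constructed-mark"  # constructed 16-byte sample value
    firsts = Counter()
    for n in sectors:
        plaintext = xor(marker, plain_iv(key, n)) + bytes(SECTOR - BLOCK)
        ct = cbc_encrypt_sector(key, iv_func(key, n), plaintext)
        firsts[ct[:BLOCK]] += 1
    return max(firsts.values())

KEY = b"constructed disk key"  # constructed sample key
if __name__ == "__main__":
    print("sector-number IV:", repeated_first_blocks(plain_iv, KEY, range(100, 108)))
    print("ESSIV:           ", repeated_first_blocks(essiv, KEY, range(100, 108)))
```

With the sector number as IV, all eight sectors share the same first ciphertext block; with ESSIV the IV cannot be computed without the key, so the plaintext cannot cancel it and no first block repeats.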