[iuybuyvvyu]

Ideally it should otherwise you are vulnerable to a range of differential attacks. In practice it's a compromise between performance and security.

It might very well touch a large number of blocks to stop an attacker working out where on a disk a particular file is. There are a bunch of rsync freindly crypto implementations that minimize this effect

[Devilboy]

How exactly would an attacker have enough access to your encrypted data to do a diff attack? If he has physical access to the machine you're going to be compromised regardless of the details of the encryption scheme.