You could patch one binary of /usr with a trojan/virus to read the content of /etc and send it via mail to a machine of yours (or whatever scheme you can think of). Full volume protection (FVE)is made, amongst other things, to protect against offline attacks/pre os attacks. If you don't cipher your OS, you're vulnerable to the attack above.
In addition maybe an user left important data in /usr, maybe you have some company confidential internal program, maybe tomorrow there is an extremely elaborate attack released on Blowfish/CBC with known cipher text when the moon is aligned with Jupiter and you have a prime number of hairs on your head, maybe, maybe... Just let's be redundant. ;)
