Author's note: Sincere thanks to those who assisted me with this post; their assistance has made it safer and more compelling. An earlier but very similar version of this post was posted on LessWrong some time ago.

Recently, there has been an alarming development in the field of terrorist attacks; more and more terrorists seem to be committing attacks via crashing vehicles, often large trucks, into crowds of people. This method has several advantages for an attacker - it is very easy to obtain a vehicle, it is very difficult for police to protect against this sort of attack, and it does not particularly require special training on the part of the attacker.

While these attacks are an unwelcome development, I would like to propose an even more worrisome question - why didn't this happen sooner?

I see no reason to believe that there has been any particular technological development that has caused this method to become prevalent recently; trucks have been in mass production for over a hundred years. Similarly, terrorism itself is not particularly new - just look to the anarchist attacks of the late 19th and early 20th century. Why, then, weren't truck attacks being made earlier?

The answer, I think, is both simple and frightening. The types of people who make attacks hadn't thought of it yet. The main obstacle to these attacks was psychological and intellectual, not physical, and once attackers realized these methods were effective the number of attacks of this sort began increasing. If the Galleanists had realized this attack method was available, they might well have done it back in '21 -- but they didn't, and indeed nobody motivated to carry out these attacks seemed to until much later.

Another instance - though one with less lasting harm - pertains to Tylenol. In 1982, a criminal with unknown motives tampered with several Tylenol bottles, poisoning the capsules with cyanide and then replacing them on store shelves. Seven people died in the original attack, which caused a mass panic to the point where police cars were sent to drive down the streets broadcasting warnings against Tylenol from their loudspeakers; more people still were killed in later "copycat" crimes.

In this case, there was a better solution than with the truck rammings - in the aftermath of these events, greatly increased packaging security was put into place for over-the-counter medications. Capsules (which are comparatively easy to adulterate) fell out of favor somewhat in favor of tablets; further, pharmaceutical companies began putting tamper-resistant seals on their products and the government made product tampering a federal offense. Such attacks are now much harder to commit.

However, the core question remains - why was it that it took until 1982 for there to be a public attack like this, and then there were many more (TIME claims hundreds!) in short succession? The types of people who make attacks hadn't thought of it yet. Once the first attack and the panic around it exposed this vulnerability, opportunistic attackers carried out their own plans, and swift action suddenly became necessary - swift action to close a security hole that had been open for years and years!

One practical implication of this phenomenon is quite worrisome - one must be very careful to avoid accidentally spreading dangerous information. If the main constraint on an attack vector can really just be that the types of people who make attacks haven't thought of it yet, it's very important to avoid spreading knowledge of potential ways in which we're vulnerable to these attacks - you might wind up giving the wrong person dangerous ideas!

Many otherwise analytical or strategic thinkers that I have encountered seem to fall prey to the typical mind fallacy in these cases, assuming that others will also have put thought into these things and thus that there's no real risk in discussing them - after all, these methods are "obvious" or even "publicly known". Certainly I have made this mistake myself before!

However, what is "publicly known" in some book or white paper somewhere may only be practically known by a few people. Openly discussing such matters, especially online, risks many more people seeing it than otherwise would. Further, I would generally say that the types of people who make attacks are cunning but unimaginative. They are able to execute existing plans fairly effectively, but are comparatively unlikely to come up with novel methods. This means that there's extra reason to be wary that you might have come up with something they haven't.

Thus, when dealing with potentially dangerous information, care should be taken to prevent it from spreading. That doesn't, of course, mean that you can't talk these matters over with trusted colleagues or study to help prepare defenses and solve vulnerabilities - but it does mean that you should be careful when doing so.

This consideration is especially relevant to the effective altruist community because several issues discussed in effective altruism have the potential to be quite hazardous, especially those related to existential risks.

As strange as it seems, it is very possible that the only reason things haven't gone wrong in just the way you're thinking of is that dangerous people haven't thought of it yet - and if so, you don't want to be the one giving them ideas!