Image by Andrij Borys Associates/Shutterstock
Viewpoint
Tony’s Law
Seeking to promote regulations for reliable software for the long-term prosperity of the software industry.
DOI: 10.1145/3299800

In the context of security, the software industry does not always tighten the lid. In some cases it fails to put the lid on at all, leaving the honey exposed and inviting. Perhaps the most infamous example of recent years is the WINvote voting machine, dubbed the worst voting machine in the U.S. A security analysis by the Virginia Information Technologies Agency in 2015 found, among other issues, the machines used the deprecated WEP encryption protocol, that the WEP password was hardwired to “abcde,” that the underlying Windows XP (which had not been patched since 2004) administrator password was set to “admin” with no interface to replace it, and that the votes database was not secured and could be modified.[7] These machines had been used in real elections for more than 10 years.

Such cases constitute malpractice, and call for regulation. Regulation is necessary because not everything can be trusted to market forces. There are many examples in diverse industries. The sale of alcohol to minors is prohibited. Construction and housing cannot use asbestos and lead-based paints due to public health concerns. The automotive industry is required to install seat belts and report pollution levels. Aviation is strictly regulated, including airspace utilization (distances between planes), aircrew work schedules, aircraft noise levels, and more. Advertisers are required to add warning labels on advertising for cigarettes and other tobacco products.

Computers are regulated in terms of electrical properties, such as the FCC regulations on radiation and communication. But the software running on computers is not regulated. Nearly 40 years ago, in his ACM A.M. Turing Award acceptance speech, Tony Hoare had the following to say about the principles that guided the implementation of a subset of Algol 60:[2] “The first principle was security. [...] A consequence of this principle is that every occurrence of every subscript of every subscripted variable was on every occasion checked at runtime against both the upper and the lower declared bounds of the array. Many years later we asked our customers whether they wished us to provide an option to switch off these checks in the interests of efficiency on production runs. Unanimously, they urged us not to—they already knew how frequently subscript errors occur on production runs where failure to detect them could be disastrous. I note with fear and horror that even in 1980, language designers and users have not learned this lesson. In any respectable branch of engineering, failure to observe such elementary precautions would have long been against the law.” [emphasis added].

Hoare said this when personal computers and the Internet were in their infancy, long before the Web, DDoS attacks, and data breaches. Indeed, a lot has changed during this time (see Table 1). But one thing that has not changed is the lack of any meaningful regulation on the software industry.

In retrospect, Hoare’s pronounce-