Saudi's Mobily denies plan to spy on customers
Gulf kingdom telco hits back at claims by hacker that it asked for surveillance tools
Saudi Arabian operator Mobily has dismissed claims by a US hacker that it sought his help in the building of surveillance tools to monitor encrypted data feeds such as Twitter, WhatsApp, Viber and LINE, Reuters reported.
Matthew Rosenfield, known by the online alias Moxie Marlinspike, published emails on his blog that he claimed were from Yasser D Alruhaily, executive manager of Network & Information Security Governance at Mobily.
"Mobily or its employees never communicated with the author of this blog," the telco said.
"Mobily communicates with information security companies only based on legal and lawful requirements. We never communicate with hackers. Moreover, it is not our job to spy on customers."
Saudi Arabia's telecom regulator, the Communications and Information Technology Commission (CITC), spoke out in early April against Web communication tools and directed the kingdom's telcos to act swiftly to ensure that the online services met "regulatory requirements", according to a Reuters report.
The report followed pledges by the CITC to block VoIP tools Skype and Viber and instant messaging system WhatsApp, if the companies behind the services did not provide Saudi authorities with the means of monitoring the heavily encrypted communications.
Hacker Moxie speculates he was contacted because of past success in the area of man-in-the-middle (MITM) tools, which transparently hijack HTTP network packets. He said he was shown detailed specifications by his alleged Mobily contact.
According to Reuters, when asked to provide copies of the emails alleged to be from Alruhaily, Rosenfield declined.