Welcome to Codebook. It's day 4 of the RSA conference — do you need us to pick anything up from San Francisco?

Mark Zuckerberg's vision for a new Facebook that focuses on private conversations could end up deepening the social network's misinformation problems.

Driving the news: Zuckerberg posted Wednesday outlining a new emphasis on privacy at Facebook, foreseeing a future that de-emphasizes the News Feed's "digital public square" in favor of private messaging's "digital living room."

The big picture: Zuckerberg believes that encrypted private chats and group communications may one day be a bigger feature on Facebook platforms (including WhatsApp and Instagram) than public-facing social media posts.

Here's the upside, per Zuckerberg: Public social media no longer invites users to "be themselves" without fear or reprisal (deserved or otherwise). Privacy protected by encryption, easier-to-understand settings and self-deleting messages could help reverse that.

The catch: Many of the worst aspects of Facebook's platforms thrive in private spaces that are either invisible or not readily visible to moderators. Emphasizing private group chats could multiply these problems.

• Mobs in India enraged by WhatsApp messages killed dozens of people falsely believed to be kidnappers in 2018.
• In the U.S., hyperpartisan fringe groups congregate in Facebook's private areas. "Facebook groups are where unsavory narratives ferment and are spread, often with directions about how to achieve maximum impact," noted Nina Jankowicz, global fellow at the Wilson Center, via email.
• These can become echo chambers of false content and propaganda without much oversight from Facebook.

Facebook has worked to mitigate some of these problems — including limiting the number of people WhatsApp users can forward messages to, reducing the spread of false stories.

To be sure: No one blames the telephone for the content of phone calls. Private group chats are a difficult gray area between public, many-to-many communications online where most people expect moderation and direct person-to-person communications where they generally do not.

The bottom line: If Zuckerberg is correct about the future of private group communications, this won't be only Facebook's problem. Any communications platform that seeks privacy through encryption will be just as entangled in it.

Go deeper: Facebook's pivot is more than privacy

The NSA is in a "deliberative process" to reconsider its metadata surveillance program, agency head Paul Nakasone said Wednesday at the RSA security conference, confirming reporting that the agency is re-evaluating the future of the controversial bulk surveillance program.

Why it matters: The program was perhaps the greatest shock to national and international trust in U.S. institutions in the decades between Watergate and Trump. Authorization for the program is up for renewal this year.

Background: Metadata is the information surrounding communications but not the communication itself. The NSA collects in bulk the phone number and time of a call, but not the audio of the call itself.

• Luke Murry, a Republican congressional aide, claimed on the Lawfare podcast the NSA hadn't used the program in more than half a year.
• The NSA isn't the final authority on ending the program — the White House would be. It is reportedly in the early stages of terminating the program entirely, amid technical problems and increasing doubt that the program yields much valuable intelligence.

Huawei announced a lawsuit Wednesday night against the United States to reverse a ban on selling its equipment in the United States, Axios' Ina Fried reports.

The big picture: The suit was filed in a Texas federal court. It claims that a ban on its equipment placed in this year's defense authorization is an unconstitutional "bill of attainder" — essentially a law meant to penalize a single target rather than regulate the country as a whole.

Kaspersky Lab tried a similar lawsuit to counter its own federal ban. It failed.

What they're saying: "It is an abuse of the lawmaking process," said Guo Ping, Huawei's rotating chairman, during a webcast. "The U.S. Congress has repeatedly failed to produce any evidence supporting its restrictions on Huawei products."

Read more from Ina.

Microsoft believes hackers linked to Iran have targeted 200 global companies, according to the Wall Street Journal.

The big picture: FireEye has previously identified the hackers as Iranian and believes they date back to at least 2013. Microsoft calls the group Holmium, but most researchers know it as Apt 33, which was behind the infamous Shamoon wiper malware.

Details: Microsoft believes Holmium caused hundreds of millions of dollars of damage at oil-and-gas and heavy-machinery companies as well as international conglomerates with victims from Saudi Arabia to the U.S. to Germany.

New malware discovered by Kaspersky Lab spreads through file sharing over the Pirate Bay site, often used to pirate software.

Details: Kaspersky, who has dubbed the malware "Pirate Matryoshka," says that users who download infected software are directed to a Pirate Bay look-alike phishing site to steal login credentials.

• If the user enters their username and password, the malware will use the user's machine to share itself with other people.
• Whether or not the user falls for the phishing scam, the malware attempts to install a massive number of programs that pay an affiliate for each new machine they can install their software on. Most of those programs are unwanted toolbars and ad programs.

The bottom line: If you can't trust people who steal things, who can you trust?

In a Tuesday newsletter, we noted that the NSA tool GHIDRA shared a name with a recurring monster in the Final Fantasy video games.

Oops: We did not note that Ghidra is also the alternate spelling of King Ghidora, the three-headed monster that fought Godzilla on a number of occasions.

• Ghidora is an influential "kaiju." Rapper MF Doom briefly used the name King Geedorah as an alias for the 2003 album "Take Me to Your Leader."

Serious cybersecurity enthusiasts should watch more Godzilla movies.

• Senators want to make the intelligence community's assessment of Trump's statements on China public. (Sen. Ron Wyden, D-Ore.)
• Newly discovered malware communicates via Slack. (Trend Micro)
• The U.S. government has some inefficiency managing cybersecurity, according to federal watchdog GAO. (GAO)
• Machine learning can predict vulnerability severity via Tweets. (Wired)
• Academics showed how to use a hard drive as a microphone. (The Register)
• Update your Chrome. (ZDNet)
• Why ji32k7au4a83 is one of the most common passwords. (Gizmodo)
• A deep dive on the Triton malware. (E&E News)
• What if artificial intelligence wasn't an "arms race"? (Washington Post)
• "The last Blockbuster in the U.S. is now the last Blockbuster in the world." (The Verge)