Welcome to Codebook. It's day 4 of the RSA conference — do you need us to pick anything up from San Francisco?
Facebook CEO Mark Zuckerberg. Photo: Josh Edelson/AFP/Getty Images
Mark Zuckerberg's vision for a new Facebook that focuses on private conversations could end up deepening the social network's misinformation problems.
Driving the news: Zuckerberg posted Wednesday outlining a new emphasis on privacy at Facebook, foreseeing a future that de-emphasizes the News Feed's "digital public square" in favor of private messaging's "digital living room."
The big picture: Zuckerberg believes that encrypted private chats and group communications may one day be a bigger feature on Facebook platforms (including WhatsApp and Instagram) than public-facing social media posts.
Here's the upside, per Zuckerberg: Public social media no longer invites users to "be themselves" without fear or reprisal (deserved or otherwise). Privacy protected by encryption, easier-to-understand settings and self-deleting messages could help reverse that.
The catch: Many of the worst aspects of Facebook's platforms thrive in private spaces that are either invisible or not readily visible to moderators. Emphasizing private group chats could multiply these problems.
Facebook has worked to mitigate some of these problems — including limiting the number of people WhatsApp users can forward messages to, reducing the spread of false stories.
To be sure: No one blames the telephone for the content of phone calls. Private group chats are a difficult gray area between public, many-to-many communications online where most people expect moderation and direct person-to-person communications where they generally do not.
The bottom line: If Zuckerberg is correct about the future of private group communications, this won't be only Facebook's problem. Any communications platform that seeks privacy through encryption will be just as entangled in it.
Go deeper: Facebook's pivot is more than privacy
The NSA is in a "deliberative process" to reconsider its metadata surveillance program, agency head Paul Nakasone said Wednesday at the RSA security conference, confirming reporting that the agency is re-evaluating the future of the controversial bulk surveillance program.
Why it matters: The program was perhaps the greatest shock to national and international trust in U.S. institutions in the decades between Watergate and Trump. Authorization for the program is up for renewal this year.
Background: Metadata is the information surrounding communications but not the communication itself. The NSA collects in bulk the phone number and time of a call, but not the audio of the call itself.
Huawei announced a lawsuit Wednesday night against the United States to reverse a ban on selling its equipment in the United States, Axios' Ina Fried reports.
The big picture: The suit was filed in a Texas federal court. It claims that a ban on its equipment placed in this year's defense authorization is an unconstitutional "bill of attainder" — essentially a law meant to penalize a single target rather than regulate the country as a whole.
Kaspersky Lab tried a similar lawsuit to counter its own federal ban. It failed.
What they're saying: "It is an abuse of the lawmaking process," said Guo Ping, Huawei's rotating chairman, during a webcast. "The U.S. Congress has repeatedly failed to produce any evidence supporting its restrictions on Huawei products."
Read more from Ina.
Microsoft believes hackers linked to Iran have targeted 200 global companies, according to the Wall Street Journal.
The big picture: FireEye has previously identified the hackers as Iranian and believes they date back to at least 2013. Microsoft calls the group Holmium, but most researchers know it as Apt 33, which was behind the infamous Shamoon wiper malware.
Details: Microsoft believes Holmium caused hundreds of millions of dollars of damage at oil-and-gas and heavy-machinery companies as well as international conglomerates with victims from Saudi Arabia to the U.S. to Germany.
Images of German Chancellor Angela Merkel and Donald Trump as well as Stalin, Lenin and Putin on matryoshka dolls. Photo: Kay Nietfeld/picture alliance via Getty Images
New malware discovered by Kaspersky Lab spreads through file sharing over the Pirate Bay site, often used to pirate software.
Details: Kaspersky, who has dubbed the malware "Pirate Matryoshka," says that users who download infected software are directed to a Pirate Bay look-alike phishing site to steal login credentials.
The bottom line: If you can't trust people who steal things, who can you trust?
In a Tuesday newsletter, we noted that the NSA tool GHIDRA shared a name with a recurring monster in the Final Fantasy video games.
Oops: We did not note that Ghidra is also the alternate spelling of King Ghidora, the three-headed monster that fought Godzilla on a number of occasions.
Serious cybersecurity enthusiasts should watch more Godzilla movies.