Current Events in November 2014

Bad news for bloggers as well as their readers: IT researchers in Finland recently discovered a four-year-old comment security bug estimated to affect up to 86 percent of all current WordPress sites.

Finnish IT firm Klikki Oy announced on its own blog that it

has located a critical security vulnerability in WordPress. The problem affects version 3 of the blogging and content management system. According to WordPress's statistics as of November 20, about 86% of all WordPress sites used a vulnerable version. At the time of reporting (September 2014), the percentage was about 90%. In order to exploit the vulnerability, the attacker needs a text entry field such as the comment form which is enabled by default.

WordPress 3 was first introduced in 2010; according to Klikki Oy, the security bug has been present all that time.

By the way, while WordPress was created as a blogging platform -- you know, for people who work at home in their pajamas -- it has since become by far the most widely used content management system anywhere. It users include CNN, eBay, the Guardian and just about everyone else, so don't assume you never visit WordPress sites.

What it means

As a practical matter, what does this mean for blog readers or producers? Blogs that don't allow comments – those with no text entry fields, in other words – basically have nothing to worry about, even if they use WordPress 3. Klikki Oy clarifies that, “The exploit requires a text entry field. A site using a vulnerable version isn't always exploitable.”

As for those blogs which are vulnerable … that's a different matter. If your WordPress 3 blog (or even a blog you occasionally visit and read, whether you leave comments or not) allows the posting of comments without requiring authentication, then a hacker can post a comment containing malicious code targeting any site visitors or administrators.

Klikki Oy was also able to use the exploit to successfully hijack a WordPress site administrator's session – a hacker could then have used that ability to lock the administrator out of his own site, and use it for malicious purposes of his own.

Blogs powered by WordPress version 4.0, released in September, are not vulnerable to this comment bug. However, late last week WordPress released a security update for 4.0, to fix some unrelated cross-site scripting problems.

If you have ever owned a tropical fish tank you would most likely agree cleaning the tank has to be one of the worst jobs ever. Just thinking about it and I have flashbacks. But now, thanks to technology the world is changing and we don't live in the same fish bowl any longer.

We're talking, of course, about Avo, the self-cleaning tropical fish tank.

Avo is packed full of technology and it has all of these creative features that make owning fish simple and easy. It has a self-maintaining filter system, automated heating, plant specific lighting and a modular planting system. Plus at almost 4 gallons it’s the perfect size to hold a Siamese fighting fish or a shoal of small fish. No filter cleaning no water changes. That means clean healthy fish. All you have to do is top off the water and feed your fish friends.

Live plants

It's pretty scientific how it works. Live plants are a big part of the process. Avo has a natural bacterial filter system that works with live plants to create a
a micro-ecosystem within the tank where the fish, plants and bacteria are working together to keep the water healthy.

Plants are the generator for this whole process. They remove the nitrates from the water and they keep algae from growing. They also oxygenate the water and create natural hiding places for the fish.

The bowl has 7 slots around the filter system where you plant the plants. All you will have to do is root the plants into the gravel outside of the tank and then drop them in.

Avo's lighting produces some wavelengths of light that our human eyes can't detect. To us they appear as three colors fading on and off automatically at different times of the day -- soft red light in the morning, daylight white in the day and cool blue in the evening.

But don't worry if you want total darkness when Avo is on. There's an override switch to turn the lights off until the next day.

Avo was created in the UK by a young entrepreneur named Susan Shelley, who developed her concept while studying at The Studio, Loughborough University’s graduate hub. She has raised money through crowd-funding.

On Susans Kickstarter page she states:

"After extensive research, speaking to many fish tank owners and experts I decided I'd design something that takes the stress out of keeping tropical fish and makes fish keeping simple, beautiful and above all enjoyable. After over three years of research and development, plus 18 months of testing I have designed Avo - a self-cleaning fish tank."

Online advance ordering has doubled the first production run to 2000, with delivery due in summer 2015.

You can pre order for $325. Learn more at http://noux.co.uk/avo/

The house smells great and everyone is running around dropping little pieces of turkey and cookies and who knows what else to your dog. You really need to be careful with that "what else." There are some standard things that you are aware of that can poison your dog like chocolate and raisins. There are some other Thanksgiving fixings you just might not think would cause a problem for your dog.

Right off the turkey's back. Turkey skin, you may not want it because of the calories but it's not much better for your dog. The skin holds any type of butter or marinade you may have basted with and it could be pretty tough to digest. It can cause pancreatitis in your dog. They could end up vomiting, have abdominal pain and appear very lethargic.

Dem bones. Those turkey bones or ham bones for that matter are not what you want your dog chewing because they will end up choking on them. They can splinter in the digestive tract. That will be one expensive trip to the ER and it could puncture something inside, leading to unstoppable bleeding and death.

Spice it up. One of the best things about Thanksgiving is the aromas. Those aromas create memories that last a lifetime or, in the case of your dog, end a lifetime. Onions and garlic have sulfides that are toxic to dogs and can lead to anemia. Onions are worse for your dog than garlic and cooking does not reduce toxicity.

Nutmeg can make your dog nuts! It's all throughout the pumpkin pie and everything else. Nutmeg can cause seizures and, in severe cases, death. You don't have to forgo the pumpkin or sweet potatoes -- both have lots of natural vitamins for your dog -- it's the nutmeg in the pie and whatever else that can be harmful.

Sage? Turn the page. Not a good one for your dog -- it can turn their stomach inside out and make them vomit and cramp up.

No licking the bowl with your dog. Raw dough can actually rise in their stomach, causing pain and raw eggs can cause salmonella. It's not good for you or your dog.

Hop to it! Actually, don't. Skip throwing a brew back with your dog. Beer has hops which can be toxic. Skip doing shots of fireball as well. Alcohol and dogs don't mix.

The holidays can be so nutty! Sitting on the table with all those wonderful hors d'oeuvre is usually a bowl full of nuts. Watch out for walnuts and macadamia nuts -- they're toxic for dogs. Within 12 hours of ingesting them, dogs can have trouble standing, tremors, fever and elevated heart rate leading to death.

On the wild side. Wild mushrooms can cause a real problem for your dog’s internal organs, from kidneys to central nervous system. Most mushrooms from the grocery store are OK, but it’s better to be safe than sorry.

Wrap it up and throw it away. Aluminum foil and other things you may be wrapping your dishes with can lead to intestinal obstructions. Also watch the toothpicks and skewers.

888-426-4435 Keep this number handy all year 'round. It's the ASPCA Animal Poison Control Center.

Ranchers Legacy Meat Co., of Vadnais Heights, Minn., is recalling 1,200 pounds of ground beef products.

The meat may be contaminated with E. coli O157:H7.

There are no reports of illnesses associated with consumption of these products.

The recalled products, produced on Nov. 19, 2014, are packaged in plastic cryovac sealed packets, and contain various weights of ground beef.

All of the following products have a Package Code (use by) 12/10/2014 and bear the establishment number “Est. 40264” inside the USDA mark of inspection:

• Ranchers Legacy Ground Beef Patties 77/23
• Ranchers Legacy Ground Chuck Patties 80/20
• Ranchers Legacy USDA Choice Ground Beef 80/20
• Ranchers Legacy USDA Choice WD Beef Patties 80/20
• Ranchers Legacy RD Beef Patties 80/20
• OTG Manufacturing Chuck/Brisket RD Patties
• Ranchers Legacy Chuck Blend Oval Beef Patties
• Ranchers Legacy WD Chuck Blend Patties
• Ranchers Legacy USDA Choice NAT Beef Patties 80/20
• Ranchers Legacy NAT Beef Patties 80/20
• Ranchers Legacy USDA Choice NAT Beef Patties 80/20
• Ranchers Legacy Ground Chuck Blend
• Ranchers Legacy Chuck Blend Bulk Pack NAT Patties
• Ranchers Legacy Chuck Blend NAT Beef Patties

Consumers with questions regarding the recall may call Jeremy Turnquis at (651) 366-6575.

Fabrique Delices of Hayward, Calif., is recalling approximately 14 pounds of sausage products.

The products contain nonfat dry milk, an allergen not declared on the label.

There are no reports of adverse reactions due to consumption of these products.

The products subject to recall are:

• Pieces of “Fabrique Delices, Saucisson A L’ail Garlic Sausage -- Nonfat Dry Milk Added,” each approximately .83-lb each, with product code 5511. The products bear the label of another product, “Fabrique Delices, Saucisson Sec”

The recalled products, produced on November 6, 2014, bears the establishment number “EST 6206” inside the USDA mark of inspection. They were sold through distribution centers in California, Pennsylvania and Texas to institutional and retail outlets.

Consumers with questions about the recall may contact Antonio Pinheiro at (510) 441-9500.   

Bob-Cat is recalling about 4,900 Zero Turn riding mowers.

The steering control arm component can break under normal use, causing driver to lose control and crash.

There have been 22 reports of control arm failure, including failure during use and initial set-up. There have been no reports of injuries.

The CRZ and XRZ model riding mowers have a chassis with an adjustable10-gauge green steel mower deck. The frame, fuel tank, engine compartment and side discharge chute are made of black metal and plastic components.

The mowers have four black wheels, two user-operated lever-arm controls and a gray adjustable high-back seat. The mowers range in size from 76 inches to 79 inches long and 45 inches high. The words “Bob Cat” appear in red lettering on the front of the mower and on top of the mower deck, and in a red and white designed logo on the sides of the mower. The words “TufDeck” and “Professional Cut” appear in white lettering on the front face of the mower deck.

The recalled mowers are:

The plate containing the serial and model number is located under the seat on the frame cross-member.

The mowers, manufactured in the U.S, were sold at Bob-Cat dealerships nationwide from January 2013, to April 2014, for $4,500 to $5,200.

The mowers should be returned to the dealer where purchased for free repairs with a newly designed control arm component. Consumers who completed the warranty registration card were contacted directly by Schiller Grounds Care, Inc, with instructions for obtaining the repair.

Consumers may contact Bob-Cat toll free at (866) 469-1242 between 8 a.m. and 5 p.m. CT Monday through Friday.

Black Friday, the traditional start of the holiday shopping season, is coming up next week. But observant consumers have already seen plenty of deals from major retailers, who are outdoing one another in rolling out early bargains.

This week Walmart announced it is lowering prices of the season's hottest gifts to beat the Black Friday offers its competitors have revealed so far. The announcement coiincides with Walmart's Pre-Black Friday Event that starts today, a week ahead of the big day.

“The retail environment is incredibly competitive and we know that our customers are looking to us for the lowest prices and great deals all season long,” said Duncan Mac Naughton, chief merchandising officer, Walmart U.S. “That’s why we’ve more than doubled the amount of items included in our Pre-Black Friday Event.

Motivation

Retailers like Walmart are pushing up holiday sales promotions for two main reasons. Just like last year, Black Friday falls very late in November, reducing the number of shopping days before Christmas.

But beyond the calendar concerns, retailers are trying to get as many consumer dollars as possible and win over consumers before Black Friday itself. For its part, Walmart said it will match competitors' Black Friday prices on these items:

• 40-inch LED HDTV
• 60-inch TVs from LG and Sony
• A PlayStation 4 offer
• Canon Wireless Printer
• Keurig K-40
• KitchenAid Stand Mixer
• Select Lego sets

On sale now

As part of its pre-Black Friday event, Walmart said it will sell a Samsung 58-inch Class Smart LED HDTV for $698; an iPad Air 2 16 GB WiFi for $489 and throw in a $100 Walmart gift card; an iPhone 6 for $179 with a 2-year service plan on Sprint, AT&T or Verizon; and a Black & Decker 18v 2-Battery NiCad Drill for $69.88 and among other things.

Walmart this week had to confront the downside of a price match offer when it discovered people were making up fake ads for Playstation game consoles at ridiculously low prices. It's amended its policy to exclude matching ads from Amazon.com.

CNBC.com reported that Amazon members with a registered selling account can create a product sale listing. Pulling off the the fraud only required a screen capture of the listing that could be printed out and used to request a Walmart price match.

The National Highway Traffic Safety Administration (NHTSA) is calling on owners of recalled 2002-2007 Jeep Liberty and 1993-1998 Jeep Grand Cherokee vehicles to contact their local dealer to arrange a service appointment to receive the free remedy repair for their vehicles.

Chrysler’s recall remedy addresses fuel tank ruptures and fires that can occur if the vehicle is struck from behind in a low to medium speed crash. NHTSA took the step of testing the remedy and has closed its safety defect investigation because it believes the risk of fuel tank ruptures and fires in lower to medium speed rear end crashes will be reduced by the remedy now offered by Chrysler.

However, NHTSA says it will continue to monitor the remedy and Chrysler’s efforts to notify vehicle owners and its effort to remedy vehicles.

Plenty of parts

Chrysler reports it currently has nearly 400,000 parts available to repair vehicles covered by this recall and will continue to produce parts to ensure they are able to meet consumer demand for the repair. Owners who have concerns regarding their ability to receive parts should contact Chrysler customer service at 1-800-247-9753.

Owners can confirm whether their individual vehicle is part of the recall by using NHTSA’s free VIN look up tool on safercar.gov or by contacting Chrysler customer service at 1-800-247-9753.

Chrysler gets a push

NHTSA has also issued a letter to Chrysler expressing concerns with the manufacturer’s current efforts to repair the recalled vehicles. In its most recent update, Chrysler reports that the company has remedied only approximately 3% of affected vehicles of a population of more than 1.5 million.

The agency is pushing the manufacturer to accelerate efforts to repair the recalled vehicles by proactively reaching out to affected owners with accurate information on the safety defect and the availability of the free remedy repair.

NHTSA is also asking for details on what Chrysler is doing to correct any inaccuracies or delays in dealer communications and actions regarding these issues.

Owners should make sure their vehicles are registered with up-to-date contact information to ensure they receive notices of safety defect recalls from manufacturers. Further, the agency strongly urges all consumers to utilize any of NHTSA’s many alert tools to learn about recalls on www.safercar.gov.

The Pentagon today announced new protections for service members using the military discretionary allotment system. The changes are intended to eliminate the aspects that are most frequently abused by businesses targeting service members.

The military discretionary allotment system allows service members to automatically direct a portion of their paycheck to financial institutions or people of their choosing. However, military personnel using the allotment system instead of other automatic payment options like ACH (Automated Clearing House) can end up losing out on certain legal protections.

In one recent case, a lender almost always used allotments to collect payments for financing contracts to purchase electronics and other consumer goods at inflated prices and with high add-on fees.  In 2010, then-New York Attorney General Andrew Cuomo sued a lender for inflating the purchase price of consumer goods and requiring repayment by allotment.

Much-needed change

“This is an important and much-needed change to DoD policies and one that will protect servicemembers from abusive lending practices,” said Tom Feltner, director of financial services at the Consumer Federation of America.  “Allotments were designed to make it easy to send money home, save and pay a mortgage, not serve as security for credit transactions.”

Under the regulations announced today, new allotments to purchase, lease or rent personal property will be prohibited. Personal property includes vehicles, appliances and consumer electronics. Allotments made for the purpose of savings, insurance premiums, mortgage or rent payments, support for dependents, or investments will not be affected. The changes do not apply to military retirees or Department of Defense civilian employees.

“I applaud Secretary Hagel’s decision to update the military discretionary allotment system to provide critical new protections to service members," said Holly Petraeus of the Consumer Financial Protection Bureau. "In recent years, the allotment system has been used by unscrupulous companies that prey on service members as a quick and secure way to get paid. Many of them have even required payment by allotment."

"While CFPB enforcement actions have recovered millions of dollars for thousands of service members harmed by companies using the allotment system, today’s announcement will help prevent future abuses by addressing the problem at its source," Petraeus said. 

Working group

In 2013, Secretary of Defense Chuck Hagel convened an interagency working group to improve the allotment system following a CFPB enforcement action that recovered 

“I want to thank the CFPB for their partnership in helping to protect those who protect this nation and for their ongoing efforts to increase the financial literacy and readiness of our service members,” Hagel said in June 2013. “However, I remain concerned about the potential misuse of the allotment system by lenders.” Today’s announcement comes after the interagency working group’s review, and will help curb further abuses of the allotment system.

“These new protections are an important step forward and will ensure that allotments are a convenience for servicemembers and not a substitute for determining a servicemember’s ability to repay a loan,” said Feltner.  “However, it is critical that regulators closely monitor the marketplace and put a stop to potential evasions of this new policy.”

The Department of Defense earlier prohibited payday lenders and auto title lenders from using the allotment system to collect payments, andrecently proposed a sweeping expansion of this prohibition to cover longer-term payday installment loans and expensive lines of credit marketed to servicemembers. 

Here's a useful tip if you want to avoid getting your computer hacked: whenever you see one of those “this website is not safe” or “this website will harm your computer” warnings, stay away from that website.

Such advice sounds almost too obvious to mention, yet psychology researchers at Brigham Young University recently determined that it is worth mentioning — more specifically, that even presumably computer-savvy people who “ought to know better” will nonetheless ignore those security warnings.

BYU researchers Bonnie Anderson, Brock Kirwan and Anthony Vance tried a little experiment wherein it appeared that they'd hacked into study participants' personal laptops and caused major damage. That didn't really happen, of course; what happened was, study participants were surveyed about their own attitudes toward computer security.

Then, in an apparently unrelated task, they were asked to use their own computers to log on to a website filled with pictures of Batman, and divide the pictures into two categories: photography or animation.

Damage warnings

The researchers loaded the website with links, many of which had damage-warnings attached to them. Students who ignored too many “warnings” and clicked on links anyway eventually saw a terrifying (though completely fake) message on their screen: a laughing skull and crossbones, a 10-second countdown timer and the words “Say goodbye to your computer,” all courtesy of an alleged “Algerian hacker.” And even those students whose survey answers suggested they took computer security very seriously would often click on those “dangerous” links.

Brock Kirwan, an assistant professor of Psychology and Neuroscience, said that “A lot of people don’t realize that they are the weakest link in their computer security …. The operating systems we use have a lot of built-in security and the way for a hacker to get control of your computer is to get you to do something.”

Or to not do something: consider, for example, how many people don't even bother changing the default passwords on their IP cameras, leaving everything from their baby monitors to their home-security camera feeds accessible to anyone who knows the default code.

Some personal-security matters are beyond your control: if you have and use a credit card, you're at risk if that credit card or any of the stores where you used it get hacked. But as the recent Brigham Young study and the IP camera-password fiasco conclude, many of the worst hackings result from things you can control, yet don't.

In real life, if you visit a compromised website, you won't see a skull-and-crossbones logo or anything else letting you know you made a mistake.

The U.S. Senate Permanent Subcommittee on Investigations has issued a reportasking the serious questions about major banks that consumer advocates have been asking for years.

Have banks purposefully driven up the price of commodities – oil in particular – to the detriment of consumers?

In advance of hearings the subcommittee released its massive report laying out new details about what it says is “the breakdown of the traditional barrier between commercial activities and banking.” The report focuses specifically on the activities of three of the largest banks – Morgan Stanley, JPMorgan Chase and Goldman Sachs.

These banks, it turns out, didn't just trade in commodities options. In many cases they actually purchased the physical commodities for resale.

Senate investigators said the way they managed some of those physical assets caused their prices to rise, allowing the banks to sell the commodities at a higher profit than might have been possible otherwise.

Consumers lose

While that was good for the banks' shareholders, it was not good for consumers since many of the commodities were used in products consumers more or less have to buy.

For example, the subcommittee report says Goldman Sachs purchased huge quantities of aluminum and stored them in warehouses. Goldman bought the company that manages the warehouses and after it took control, the subcommittee says the average time it took to deliver aluminum that had been purchased by end users rose from about 40 days to 600 days.

That delay had the effect of removing aluminum from the market, making the price of the metal more expensive.

“Wall Street’s massive involvement in physical commodities puts our economy, our manufacturers and the integrity of our markets at risk,” said Sen. Carl Levin, D-Mich., the subcommittee’s chairman. “It’s time to restore the separation between banking and commerce and to prevent Wall Street from using nonpublic information to profit at the expense of industry and consumers.”

What about oil?

If buying up aluminum and withholding it from the market could drive up prices for the metal, would it be possible to do the same thing with other commodities – like oil for instance? When consumers suggested that 2008's surge in oil and gasoline prices was due in part to speculators, the notion was laughed off on Wall Street.

But the subcommittee report discloses that, until recently, Morgan Stanley controlled 55 million barrels of oil storage capacity, 100 oil tankers, and 6,000 miles of pipeline. That's not to say that it engaged in any activity that would have caused the price of oil to rise – but it couldn't have been disappointed when oil prices did, in fact, surge.

“Banks have been involved in the trade and ownership of physical commodities for a number of years, but have recently increased their participation in new ways,” said Sen. John McCain, (R-AZ).

McCain and others are expressing concern that the concentration of commodities in the hands of the largest banks will lead to systemic financial risks, like when the collapse of mortgage backed securities triggered the financial crisis.

That's a real concern but the consumer issue may be equally as large. If the price of a vital commodity such as oil were somehow manipulated in a way that caused consumers to spend more money on gasoline – hardly a luxury – then consumers would have less money to spend on other things. That, it would seem, poses an equally large risk to the economy.

If any little girls in your life want to be computer engineers when they grow up and you're looking for corporate-branded role models to inspire them, you'll have to look elsewhere than Barbie. This week Mattel withdrew from circulation its book Barbie: I Can Be A Computer Engineer, after blogger Pamela Ribon discovered and called attention to its bafflingly sexist content.

In the story, Barbie not only gives no indication of being a competent computer engineer, she's actually a bit of a menace: infects her sister's computer and destroys her files with a virus-riddled flash drive pendant she wears around her neck, and is completely incapable of accomplishing even the most basic computer-related task without help from her friends Steve and Brian.

“Hi, guys,” says Barbie. “I tried to send you my designs, but I ended up crashing my laptop — and Skipper’s too! I need to get back the lost files and repair both of our laptops.”

“It will go faster if Brian and I help,” offers Steven.

“Great!” says Barbie.

That's some weapons-grade empowerment messaging, there. This week, Mattel released a statement on Barbie's official Facebook page (cover-photo text: Designed To Inspire #BarbieInspired):

The Barbie I Can Be A Computer Engineer book was published in 2010. Since that time we have reworked our Barbie books. The portrayal of Barbie in this specific story doesn’t reflect the Brand’s vision for what Barbie stands for. We believe girls should be empowered to understand that anything is possible and believe they live in a world without limits. We apologize that this book didn’t reflect that belief. All Barbie titles moving forward will be written to inspire girl's imaginations and portray an empowered Barbie character.

Regrets? A few

Susan Marenco, the unfortunate author-for-hire who wrote the original story, said she regretted letting some stereotypes slip in to her writing. “Maybe I should have made one of those programmers a female – I wish I did.” Still, Marenco added, her assignment was to write about Barbie as a computer-game designer, not a computer engineer. (Anyone who's ever worked in a corporate hierarchy knows such miscommunications aren't rare at all.)

Even if Stephanie and Brianna replaced Steve and Brian, Barbie the computer designer would still be an absolute menace to any company's IT security department. Although, to be fair: writing convincing stories about Barbie as a healthy role model for little girls can't be an easy job. If I tried it, I'd probably fail spectacularly and be fired before the end of my first shift:

“What's wrong, Barbie?” Skipper asked. “Why aren't you designing and implementing systems algorithms, or whatever it is that computer engineers actually do?”

“Because I'd have to sit at a computer to do that,” said Barbie, “and if you take the ratio of my measurements and expand them to fit a typical woman of adult height you'll see it is not physically or biologically possible for a waistline as tiny as mine to hold a living adult torso upright. And most of my internal organs are missing, too. I need an ambulance.”

We have gone from orange is the new black to .. gray. Gray is the "it" color for home interiors for 2015 for the second year in a row.

“This is the first time any color has headlined our forecast in back-to-back years but gray, a near-perfect neutral color, has really caught on,” says Debbie Zimmer, spokesperson for the Paint Quality Institute, which keeps track of such things 

When you first think about gray, you may think of a drab color with not much hue to it. But not so, says Zimmer: “It’s very easy on the eyes. It’s understated and sophisticated. And most tints and shades of gray are ‘chameleon’ colors that change appearance when the light changes, so they provide enormous visual interest.”

Fifty shades of gray actually applies in the paint department. “Gray” refers not just to one color, but to many – running the gamut from delicate silver tints to powerful shades of gunmetal, charcoal, and slate. In each, black and white is present, but often, traces of other colors, too. According to Zimmer, these “trace colors” provide valuable clues as to what works best with a given gray.

Gray is like the middle child -- it gets along with just about every color. In winter you want that cozy feeling in your family room or den and gray has traces of warm hues like red, yellow or brown so it can partner with warm companion colors. There are some shades of gray that have blue and green or just overall seem cooler so of course they flow better with colors that have cooler tones.

You can't go wrong with a classic, says Zimmer, and gray with all of its differential shades on the color spectrum is a natural for any room you may be redecorating. And because it is a classic if you decide to go from New Age to Southwest decor gray can fit in. You may need new furniture but you won't have to repaint your walls.

REFA Enterprises is recalling one lot each of Forever Beautiful Bee Pollen (UPC # 6333090804632) and Forever Beautiful Infinity UPC # 633090804649), which were marketed as dietary supplements for weight loss.

The products have been found to contain undeclared Sibutramine or a combination of both Sibutramine and Phenolphthalein.

The appetite suppressant, sibutramine, was withdrawm due to increased risk of seizures, heart attacks, arrhythmia and strokes. Phenolphthalein is an ingredient previously used in over-the-counter laxatives, but because of concerns of carcinogenicity, it is not currently approved. The undeclared ingredients make these products unapproved new drugs for which safety and efficacy have not been established.

Sibutramine can increase blood pressure and/or pulse rate in some patients and may present a risk for those with a history of coronary artery disease, congestive heart failure, arrhymias or stroke. The products may also interact in life threatening ways with other medications a consumer may be taking.

Health risks associated with phenolphthalein could include potentially serious gastrointestinal disturbances, irregular heartbeat, and cancer with long-term use.

The company has not received any reports of adverse events related to this recall.

Both recalled products were packaged in bottles of 60 capsules and was distributed via the Internet to consumers nationwide from July 7, 2014 – November 3, 2014.

Consumers who have the recalled product should stop it and return it to REFA Enterprises.

Consumers with questions may contact REFA Enterprises at (757) 420-1122 Monday – Friday 12:00 p.m. – 6:00 p.m. EST or by email at support@fbbpshop.com

Leatherman Tool Group of Portland, Ore., is recalling about 8,400 Leatherman Leap multi-tools in the U.S. and Canada.

The lock mechanism on the optional knife blade can inadvertently release the blade, posing a laceration hazard.

No incidents or injuries have been reported.

This recall involves the Leatherman Leap multi-purpose tool that was designed for users age 9 and up. The multi-tool has a green, blue or red plastic casing with two screws, one on each handle of the tool. It consists of combination needlenose and regular pliers, wire cutters, wood saw, ruler, tweezers, soda bottle opener, optional 420HC (high carbon stainless steel) knife blade, scissors, phillips screwdriver, and small and medium slotted screwdrivers. The words Leatherman and Leap appear on one side of the multi-tool.

The multi-purpose tool, manufactured in the U.S., was sold at Bass Pro Shop, Cabela’s and retailers nationwide, including knife and sporting goods online stores, from August 2014, through September 2014, for about $54.

Consumers should not install the optional knife blade or should immediately stop using the multi-tool with the installed optional knife. Consumers should contact Leatherman for a free replacement multi-tool, including shipping.

Consumers may contact Leatherman toll-free at (888) 212-2438 from 7 a.m. to 5 p.m. PT Monday through Friday.

K. Heeps of Allentown, Pa., is recalling approximately 2,902 pounds of bratwurst and bangers sausage products.

The products contain soy lecithin; a releasing agent used on contact surfaces during production and an allergen not listed on the label.

There are no reports of adverse reactions due to consumption of these products.

The following products are subject to recall:

• 1-lb. retail packages or 20-lb. bulk packages containing “ALL NATURAL ARTISAN PORK RECIPE STRYKER FARM IRISH STYLE BANGERS.”
• 1-lb. retail packages or 20-lb. bulk packages containing “ALL NATURAL ARTISAN PORK RECIPE STRYKER FARM BEER BRATWURST.”

The products were packaged on various dates from May 21, 2014, through Nov. 5, 2014, bear the establishment number “EST. 9379A” inside the USDA mark of inspection, and were sold to a single vendor, who further distributed them to restaurants and retailers in Pennsylvania.

The problem was discovered during a periodic label review by FSIS inspection personnel. This was not disclosed on the product label. FSIS and the company have received no reports of adverse reactions due to consumption of these products. Anyone concerned about an injury or illness should contact a healthcare provider.

FSIS routinely conducts recall effectiveness checks to verify that recalling firms have notified customers and taken steps to make certain that products are no longer available to customers.

Consumers with questions about the recall may contact Beau Heeps, at qa@heeps.com or at 1-610-530-5564.

General Motors is recalling 1,022 model year 2015 Cadillac Escalade and Escalade ESV vehicles.

The passenger side instrument panel top cover on the affected vehicles may have been manufactured using an incorrect spacer fabric, causing a reduction of adhesion between the spacer fabric and the vinyl show surface. This reduced adhesion may result in inconsistent passenger air bag deployment, increasing the risk of personal injury in the event of a crash necessitating air bag deployment.

GM will notify owners, and dealers will replace the instrument panel top cover, free of charge. The manufacturer has not yet provided a notification schedule.

Owners may contact Cadillac customer service at 1-800-458-8006. GM's number for this recall is 14686.

Graco Children’s Products of Atlanta, Ga., is recalling nearly 5 million children's strollers in the U.S., Canada and Mexico.

The folding hinge on the sides of the stroller can pinch a child’s finger, posing a laceration or amputation hazard.

The company has received 11 reports of finger injuries including 6 reports of fingertip amputation, 4 reports of partial-fingertip amputation and 1 finger laceration.

This recall includes eleven Graco and Century-branded strollers. All models are a single-occupant stroller with an external sliding fold-lock hinge on each side and a one-hand fold release mechanism on the handle.

Strollers with a manufacture date from August 1, 2000 to September 25, 2014 are included in the recall. Model numbers and the date of manufacture are printed on the white label located at the bottom of the stroller leg just above the rear wheel.

The model names and numbers included in the recall are:

The strollers, manufactured in China, were sold at Target, Toys R Us, Walmart and other retail stores nationwide and online at Amazon.com, Walmart.com and other online retailers from August 2000, through November 2014, for about $40-70 for the stroller and about $140-$170 for the Travel System.

Consumers should contact Graco immediately for a free repair kit. Repair kits will be available from the firm at the beginning of December 2014. While waiting for a repair kit, caregivers should exercise extreme care when unfolding the stroller to be certain that the hinges are firmly locked before placing a child in the stroller. Caregivers are advised to immediately remove the child from a stroller that begins to fold to keep their fingers from the side hinge area.

Consumers may contact Graco Children’s Products at (800) 345-4109 from 8 a.m. to 5 p.m. ET Monday through Friday.