Safe and Secure

Following are the Consumer Product Safety Commission recall announcements for November 18 to December 12, 2005.

Chuck E. Cheese’s - Plastic Siren Whistles

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Chuck E. Cheese’s (CEC Entertainment), of Irving, Texas is voluntarily recalling about 144,000 Plastic Siren Whistles. The recalled plastic siren whistle’s internal pieces can detach from the toy, posing a choking hazard to children.

J & F Design Inc. - Girl’s Sleepwear Sold at J.C. Penney Stores

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), J & F Design, Inc., of Bell, Calif. is voluntarily recalling about 18,800 Bobby Jack™ pajama sets. These pajamas sets fail to meet the federal mandatory standard for flammability of children’s sleepwear under the Flammable Fabrics Act. This poses a risk of burn injuries to children.

Kawasaki Motors Corp. U.S.A. - All-Terrain Vehicles

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Kawasaki Motors Corp., U.S.A., of Irvine, Calif. is voluntarily recalling about 21,900 Kawasaki 2005 model year Brute Force ATVs. Tie rod separation caused by either wear or severe impact can occur during operation, causing the front wheel to separate from the steering control. Separation of the tie rod can cause the rider to lose control of the ATV, resulting in a serious injury or death to the rider.

Toshiba America Consumer Products LLC - DVD Home Theater Systems

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Toshiba America Consumer Products LLC, of Wayne, N.J. is voluntarily recalling about 4,100 DVD Home Theater Systems. A problem in the system’s circuit board could pose a fire hazard.

King of Fans Inc. - Oil-Filled Radiator Heaters

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), King of Fans Inc. of Fort Lauderdale, Fla. is voluntarily recalling about 202,000 Maxi-Heat™ Electric Oil-Filled Radiator Heaters. Welds in the heating fins can break, allowing oil to leak. This poses a burn and fall hazard to consumers.

Ideal Distributors Inc. - Pacifiers

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Ideal Distributors Inc., of Chicago, Ill. is voluntarily recalling about 1,000 Cachito Pacifiers. The nipples can detach from the base, posing a choking hazard to young children.

Stravina Operating Co. - Children’s Metal Necklaces and Zipper Pulls

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Stravina Operating Co., LLC, of Chatsworth, Calif., is voluntarily recalling about 6 million children’s metal necklaces and zipper pulls. The recalled metal jewelry contains high levels of accessible lead in the metal and/or the paint, posing a serious risk of lead poisoning to young children. Lead is toxic if ingested by children and can cause adverse health effects.

Porter-Cable - Repair Circular Saws

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Porter-Cable, of Jackson, Tenn., is voluntarily recalling about 196,000 Porter-Cable® 7¼-inch MAG-Saw™ Circular Saws. The lower guard on these saws could stick in the open position, posing a risk of severe lacerations to consumers.

Yamaha Corporation of America - Synthesizers

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Yamaha Corporation of America, of Buena Park, Calif., is voluntarily recalling about 1,100 S90 ES Synthesizers. The unit could emit loud “white noise” when turned off and turned on again under high temperature conditions, which could possibly damage a consumer’s hearing.

Sanus Systems - Television Wall Mounting Units

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Sanus Systems, of St. Paul, Minn., is voluntarily recalling 14,000 VisionMount model VMSA swing-arm television wall-mounting units. An undersized shaft within the wall mounting unit can cause the product’s main support component to loosen. As a result, the unit and the television it is supporting can fall from the wall, posing a risk of injury to consumers.

Starbucks Coffee Company - Ceramic Teapots

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Starbucks Coffee Company, of Seattle, Wash., is voluntarily recalling about 257 Ceramic Teapots. The teapots are labeled safe for microwave use, but the handles can become hot in the microwave oven. This poses a possible burn hazard to consumers.

Louisville Ladder Inc. - Industrial Ladders

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Louisville Ladder Inc., of Louisville, Ky., is voluntarily recalling about 3,000 Multi-Purpose, Step-to-Straight, Combination, Manhole and Extension Trestle Ladders. The rung on the ladders could break near the side rail causing the user to fall.

Haier America Trading LLC - Oscillating Electric Tower Fans

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Haier America Trading LLC, of New York, N.Y., is voluntarily recalling about 150,000 Oscillating Electric Tower Fans. Internal electrical arcing in the fan can cause a fire hazard.

Delta Enterprise Corp. - Certain Cribs Sold at Toys R Us Stores

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Delta Enterprise Corp., of New York, N.Y., is voluntarily recalling about 335 Lov’s “Europa” Natural Color Cribs. The crib’s paint contains high levels of lead. Lead poisoning in children is associated with behavioral problems, learning disabilities, hearing problems and growth retardation.

Wal-Mart Stores Inc. - Toy Sets

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), Wal-Mart Stores Inc., of Bentonville, Ark., is voluntarily recalling about 7,200 10-in-1 Activity Trunks by Kid Connection. Some of the toys in these trunks contain small parts, posing a choking hazard to young children.

International Playthings Inc. - Toy Vehicles

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), International Playthings Inc., of Parsippany, N.J., is voluntarily recalling about 6,000 Flexitoys Monster-Size Vehicles. Small parts can detach, which pose a choking hazard to young children.

International Playthings Inc. - Viking Chubbies Toy Cars

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), International Playthings Inc., of Parsippany, N.J., is voluntarily recalling about 1,900 Viking Chubbies Toy Cars. The heads on the figures sold with the cars can detach, posing a choking hazard to young children.

Retailers - Waterless Vaporizers and Aromatherapy Diffusers

In cooperation with the U.S. Consumer Product Safety Commission (CPSC), various retailers, including Wal-Mart, are voluntarily recalling about 10,000 Vapor-Eze Waterless Vaporizers and 5,000 Vapor-Eze Aromatherapy Diffusers. A defective internal heater in the recalled vaporizers and diffusers can cause sparking and emit flames while in use. This poses a fire, burn and shock hazard to consumers.

ISO ratings are used by your insurance company to help set your homeowners insurance rates. They also can provide some insight into your area’s overall fire safety. ISO rates fire departments and also rates city’s based on building codes.

The Public Protection Classification Program for fire departments rates departments on a scale of 1 to 10, with 1 being the best possible score. A score of 10 is not the worst outcome; the worst possible is to fail to qualify for rating. A better rating generally means a better equipped department with better reliable water sources and a better rating results in lower homeowner’s premiums, all other factors being equal. Requirements to receive a rating of 8 or better in the PPC program are:

To receive a Public Protection Classification (PPCTM) of Class 8 or better, a community must first have the minimum facilities and practices needed to get a PPC rating and must meet the minimum criteria for Class 9. In addition, the community must have these additional minimum facilities:
* There must be a minimum water supply of 250 gpm for a two-hour duration for fire protection in the area.

If the fire department delivers the 250 gpm through tanker shuttle, large-diameter hose, or other alternative water supply, the water must be available within five minutes of the arrival of the first due apparatus, and the department must maintain the flow, without interruption, for the two-hour duration.
* The fire department must have at least one piece of suitably equipped apparatus with a pump of at least 250-gpm capacity rated at 150 psi.

Source: ISO Mitigation

Remember the old adage, “If it sounds too good to be true, it probably is.” Then remember that you have never provided the IRS with your email address. So, when the message comes from “the IRS” that says you have a tax refund and takes you to the “IRS” website to enter credit card details - delete it or forward it to the proper authorities. The current one making the rounds takes advantage of a glitch in a government website to take you to that website first, making the email look more legitimate, but it’s really this simple - the IRS sends refund checks automatically in the mail as long as they have your current address. They don’t send refunds out by email. If you want to make sure you’re getting the refunds you have coming make sure IRS has your current address. If you’re still unsure, contact the IRS directly, but don’t click on phishy emails.

A spam e-mail message has been sent around the world telling people they are eligible for a $571.94 tax refund from the IRS. The e-mail offers a link to a fraudulent IRS Web site, but the link actually goes through a legitimate government Web site that only last month was promoted by President Bush.

“This is more advanced than the typical phish, because the Web link really does–at first–take you to the real tax benefit Web site,” said Graham Cluley, senior technology consultant for U.K. security vendor Sophos. “Unfortunately the way the government Web site has been configured allows the phishers to bounce the unwary in their direction.”

The link in the phishing e-mail goes to a forged IRS Web site that asks for a Social Security number, tax return filing code and credit card details including security code and PIN.

Phishers use IRS tax refund as bait | CNET News.com

A series of home invasion robberies in Newton County in southwest Missouri have been targeting elderly residents. The robbers rip out the phone lines, threaten the residents for cash and valuables and rough them up if they don’t cooperate. One resident summoned help by pressing her Medicalert bracelet, which scared away the robbers. In almost all cases the invasion began with a knock on the door. The local Sheriff Ken Copeland said, “If somebody you don’t know comes to your door, don’t open it, call the Sheriff’s office.”

The robbery of an elderly woman at 11:40 a.m. Wednesday on Old Scenic Route again involved two men who entered through the victim’s back door.

“They actually did shove her down,” Jennings said. “But they were not able to obtain anything because she had one of those electronic medical alerts, and when she activated it, it apparently scared them off.”

The woman did not require medical attention for any injuries suffered in the incident, he said.

According to the U.S. Department of Justice, nearly 30 of every 1,000 households in the U.S. were burglarized in 2004. Such statistics may not induce you to install iron bars on your windows and hire a 24-hour security guard, but they should compel us to take home security seriously. After all, it takes only one robbery for you or your loved ones to lose your most valued possessions. Taking these easy steps can ensure that you’re doing all you can to prevent burglary.

1. Invest in Solid Doors, Locks and Windows
2. Conceal Valuables from Sight
3. Install Outdoor Lighting
4. Always Keep Valuables Locked
5. Adopt Street-Smart Habits
6. Get to Know Your Neighbors
7. Report Suspicious Activity in Your Neighborhood
8. Start a Community Watch Program
9. Get a Dog
10. Invest in a Home Security System

TheNewMexicoChannel.com - House and Home - Ten Steps To Home Security

In an ironic twist a scam artist in the Mission, Texas area has been posing as a salesman for home security service ADT. He collects cash from the homeowner to pay for an alarm installation and then is never seen again. As with any salesman, check the bona fides of alarm salesman. Call the company’s local office - using the number in the phonebook, not the one on the salesman’s business card. And don’t pay cash for something like this. Use a check made out in the company name.

One victim paid $2,300 for a security system, but has nothing more than some wires around his house.

Scam artist posing as home security salesman - NEWSCHANNEL 5

The latest threat to hit the internet is a variant of the Sober worm that passes itself off as an email from the CIA or FBI. Several different assessments rate the threat from this worm as anywhere from medium to severe.

This variant of Sober generates e-mails that purport to be from the CIA or FBI. These messages tell the recipient they have been looking at illegal Web sites and should answer some questions in the e-mail’s attachment. If the attachment is opened, the computer is infected, and the virus sends copies of itself to any e-mail addresses found on the hard drive.

Latest Sober threatens e-mail gateways | Tech News on ZDNet

The SANS Institute has released its 2005 Top-20 Internet Security Vulnerabilities and this year a new category - Cross Platform Applications - takes the spotlight. Of particular concern and new to the list this year is backup software which often deals with a company’s or individual’s most sensitive data.

Four years ago, the SANS Institute and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities. Thousands of organizations used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services that led to worms like Blaster, Slammer, and Code Red have been on these lists.

Source: SANS Top 20 Vulnerabilities - The Experts Consensus

A number of consumers have run into problems with home security monitoring contracts including automatic renewals, one-sided contracts and excessive penalties for early cancellation. One widow was dunned over $1,500 for a contract signed by her deceased husband with repeated letters addressed to “Mr. and Mrs.” at her new address. As with any contract, you should read everything, but the irony here is in needing a watchdog to police those whose job is to protect our assets.

Gereg noted that a contract may have terms that will not be upheld in court. A trade official says that alarm-monitoring contracts often provide for automatic renewals, but a state law on real estate and personal property specifies how a customer must be notified of such provisions in contracts lasting more than 30 days, according to Christine Pritchard, a spokeswoman for State Attorney General Eliot Spitzer.

In April, Spitzer announced a settlement with a Tarrytown-based home-security company following alleged violations related to automatic renewals. “Laws governing automatic renewal clauses in contracts are designed to protect consumers against unknowingly locking themselves into open-ended contracts,” Spitzer said then.

Newsday.com: Sounding a home security alarm: Check the contract

Following is a list of Sony BMG Music CDs affected by the copy protection software or “rootkit” which creates a security vulnerability, information on Sony’s recall program and further uninstall information. Note that the list is provided by Sony and offered here without guarantee of any sort. There may be additional CDs from Sony or from other vendors with the same or similar programs not on the list.

CD’s Containing XCP Content Protection Technology:

ARTIST ALBUM ITEM NUMBER(S) UPC(S)
1 A Static Lullaby Faso Latido CK92772 827969277225
2 Acceptance Phantoms CK89016 696998901629
3 Amerie Touch CK90763 827969076323
4 Art Blakey Drum Suit CK93637 827969363720
5 The Bad Plus Suspicious Activity? CK94740 827969474020
6 Bette Midler Sings the Peggy Lee Songbook CK95107 CK74815 827969510728 828767481524
7 Billy Holiday The Great American Songbook CK94294 827969429426
8 Bob Brookmeyer Bob Brookmeyer & Friends CK94292 827969429228
9 Buddy Jewell Times Like These CK92873 827969287323
10 Burt Bacharach At This Time CK97734 827969773420
11 Celine Dion On Ne Change Pas E2K97736 827969773628
12 Chayanne Cautivo LAK96819 LAK96818 LAK95886 037629681921 037629681822 037629588626
13 Chris Botti To Love Again CK94823 827969482322
14 The Coral The Invisible Invasion CK94747 827969474723
15 Cyndi Lauper The Body Acoustic EK94569 827969456927
16 The Dead 60’s The Dead 60’s EK94453 827969445327
17 Deniece Williams This Is Niecy CK93814 827969381427
18 Dextor Gordon Manhattan Symphonie CK93581 827969358122
19 Dion The Essential Dion CK92670 827969267028
20 Earl Scruggs I Saw The Light With Some Help From My Friends CK92793 827969279328
21 Elkland Golden CK92036 827969203620
22 Emma Roberts Unfabulous And More: Emma Roberts CK93950 CK97684 827969395028 827969768426
23 Flatt & Scruggs Foggy Mountain Jamboree CK92801 827969280126
24 Frank Sinatra The Great American Songbook CK94291 827969429129
25 G3 Live In Tokyo E2K97685 827969768525
26 George Jones My Very Special Guests E2K92562 827969256220
27 Gerry Mulligan Jeru CK65498 74646549827
28 Horace Silver Silver’s Blue CK93856 827969385623
29 Jane Monheit The Season EK97721 827969772126
30 Jon Randall Walking Among The Living EK92083 827969208328
31 Life Of Agony Broken Valley EK93515 827969351529
32 Louis Armstrong The Great American Songbook CK94295 827969429525
33 Mary Mary Mary Mary CK94812 CK92948 000768353721 827969294826
34 Montgomery Gentry Something To Be Proud Of: The Best of 1999-2005 CK75324 CK94982 828767532424 827969498224
35 Natasha Bedingfield Unwritten EK93988 827969398821
36 Neil Diamond 12 Songs CK94776 CK97811 827969477625 827969781128
37 Nivea Complicated 82876671562 828766715620
38 Our Lady Peace Healthy In Paranoid Times CK94777 827969477724
39 Patty Loveless Dreamin’ My Dreams EK94481 827969448120
40 Pete Seeger The Essential Pete Seeger CK92835 827969283523
41 Ray Charles Friendship CK94564 827969456422
42 Rosanne Cash Interiors CK93655 827969365526
43 Rosanne Cash King’s Record Shop CK86994 696998699427
44 Rosanne Cash Seven Year Ache CK86997 696998699724
45 Shel Silverstein The Best Of Shel Silverstein CK94722 827969472224
46 Shelly Fairchild Ride CK90355 827969035528
47 Susie Suh Susie Suh EK92443 827969244326
48 Switchfoot Nothing Is Sound CK96534 CK96437 CK94581 827969653425 827969643723 827969458129
49 Teena Marie Robbery EK93817 827969381724
50 Trey Anastasio Shine CK96428 827969642825
51 Van Zant Get Right With The Man CK93500 827969350027
52 Vivian Green Vivian CK90761 827969076125

Notes from Sony:

• Sony will shortly be releasing new versions of these titles without the XCP software. You therefore need to check this list for both the name of the album and the item number (which can be found on the spine of the CD). If the item number is not listed below, your CD does not contain XCP content protection. Please note, DualDiscs do not use XCP content protection and are therefore not included in this program.
• Two titles, Ricky Martin’s “Life” and Peter Gallagher’s “7 Days in Memphis” were released with a content protection grid on the back of the CD packaging but XCP content protection software was not actually included on the albums.

Sony has instituted a recall or “exchange program” which allows CD purchasers to receive a rootkit free replacement CD by mail and to download MP3s of the music on the CD while waiting for the replacement. Details here.

Final note: The web based uninstall program provided for the software actually creates a larger security vulnerability by installing a Visual Basic script called “CodeSupport”. More information, including a CodeSupport detector and information on deleting Code Support, is available from Freedom To Tinker.