Its not true the assumption 'is much less prone to false positives' and yes it is less deeper, look http://sourceforge.net/mailarchive/message.php?msg_id=28258660
And also you can try the new version of Unhide (not yet published) http://sourceforge.net/projects/unhide/files/unhide_20121229.tgz/download Cheers 2013/1/4 Christoph Anton Mitterer <[email protected]> > On Fri, 2013-01-04 at 15:46 +0100, Johan Walles wrote: > > Can you post the output of running unhide.rb (from the package of the > same > > name) on the system where you're seeing false positives with aptitude? > I checked with unhide.rb ... and it shows no hidden processeds when > aptitude is running (i.e. it is in the package list view... I must admit > that I do not exactly remember what I did back then in aptitude). > > I've also checked again with "normal" unhide... and while it shows 1 > hidden process... it seems not to be connected with aptitude running. > > > > > The ruby version is much faster than the C version and is much less prone > > to false positives. > But doesn't the ruby version check much less? > > > > Anyway... from that I'd guess we could close this bug. > > > Cheers, > Chris. > > _______________________________________________ > forensics-devel mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel >
