ProPolice Stackguard on steroids gcc modification: machine-independent (well, kind of...) Function prologue puts random canary on stack next to return address Function epilogue checks random canary for modification Rearranges stack to put buffers closer to return address so flags and pointers are lower, harder to hit so overflows are more likely to hit canary If canary is modified, alert & kill process (Will not work on hppa yet) Very low overhead.