Note: A practical guide for hardening individual services can be found here. Abstract Chromium OS strives to make remote attacks more difficult by using multiple techniques ranging from privilege minimization to compile-time hardening. A phased approach to system hardening is proposed to iteratively reduce the exposed attack surfaces and increase the number of defensive layers. This document lays