OpenBSD binpatches and package updates

What this means:<p>Some people wanted bin-patches apparently, openbsd is heavily focusing on using its resources as efficiently as possible and doesn&#x27;t provide them, a reliable 3rd party stepped up providing them for free, charging for binpatches for older versions (a service model built on top of open source software, nothing wrong with that)<p>A few points:<p>-) since mtier here tries to basically sell you something, they make it sound harder than it seems, checking the errata page, writing a 20 line script to get notified if the page is updated, that&#x27;s enough<p>-) not every bug found is critical towards your own security, not every bug does need you to update (you can decide on an individual basis)<p>-) micro-managing (as one comment stated) is pretty much the opposite of what you do with openbsd, openbsd is secure by default, if you want to have anywhere near the same amount of security with some other OS have fun reading tons of documentation to harden the box yourself (and you still won&#x27;t have all the same security mitigations)<p>-) updates are trivial: update, re-compile, reboot, if the bug is not critical for you then don&#x27;t, or use -current (rolling release &quot;development branch&quot;), or use the bin-patch by mtier<p>-) I doubt some of the people here criticising &quot;having to use&quot; 3-rd party binpatches practice the same scrutiny in day-to-day life regarding it-security (seeing how other OSs deal with security they would probably be using openbsd by now then if they were)<p>-) considering the size of the openbsd project and how many critical pieces of security-focused utilities they maintain (openssh, libressl, opensmtpd, ...), how many security mitigations they implement, how well they do in regularly auditing their code and actually addressing bugs across multiple architectures quickly with patches provided (especially compared to so many so much larger projects), it&#x27;s somewhat ridiculous for an outsider to criticise how they spend their time or resources (because in my opinion and in the opinion of many others, they actually do hell of a great job!)

<i></i><i>&quot;Keeping your installed OpenBSD packages up to date is hard and time-consuming.&quot;</i><i></i><p>I find it very easy. I follow stable and upgrade every six months. Upgrades take about 30 minutes max.

Does it seem a little embarrassing to anyone else that this is necessary? OpenBSD is supposedly the most secure nix platform available, and yet users have to resort to third-parties to get functionality that is available on nearly every other nix system by default.