I'm a security noob, but wouldn't being on the bleeding edge of updates (like with Arch) be just as much as a security vulnerability as a it is a benefit due to the fact that you are getting updates that are not well baked yet?