Guix intentionally does not patch security vulnerabilities if those fixes happen to be in proprietary blobs. Their stance on security is completely reckless and Guix has no place near my devices.
How do you know these blobs fix anything and aren't just padded up for checksum difference? Do you disassemble and analyze these things? Do you trust companies?
In my experience, most security patches are future proofing. What's wrong with having a locked down firewall, not running weird software, and setting up AppArmor or SELinux?
People will go on using open source OSs and libraries, SW, but not those under the GNU moniker. And while desktop Linux is a niche, it is important to have choices and that it works well with existing hardware.
Practicality outlives idealism and I'm glad the kernel developers see this (while worrying about its open source and free nature).
There are plenty of very widely used Linux distros using GNU software that include proprietary blobs, e.g. Fedora, Debian, Ubuntu, SUSE, Arch, ... It's not an either-or.