Ubuntu says
Use canonical Livepatch to increase security between restarts.
I have to sign in to do this, so is it worth setting up? I'm not sure what it is, the box is unticked.
The more secure the better, but is it worth it? How complicated is this?
Livepatch allows you to install some critical kernel security updates without rebooting your system, by directly patching the running kernel.
It does not affect regular (not security-critical) kernel updates, you still have to install those the regular way and reboot. It does not affect updates to other non-kernel packages either, which don't require a reboot anyway.
On a regular home or office computer, which does get rebooted daily (or every few days to weeks at least, your mileage may vary), Livepatch probably doesn't give you many benefits. It's mainly intended for servers which are supposed to have months and years of continuous uptime without reboots.
See e.g. this blog post for more information about Livepatch: http://blog.dustinkirkland.com/2016/10/canonical-livepatch.html
You have to run snap for this to work, which is not a big deal for some, but a dealbreaker for me.
I actually tried this for a while (months) when it first came out, and it never got invoked.
You are unlikely to need this on a desktop computer.
Seems to me this is unneeded if you are running AWS instances in EC2 as the kernel is not upgradable even though it says so in the welcome messages. I think AWS tunes their branded kernels and there isnt a need to install livepatch as it will never pull any updates.
There is further description within the dialog. Livepatch allows you to apply updates without rebooting. This is usually (but not always) intended to be temporary. In those cases, it isn't the same as restarting to apply the update properly. Also, some updates cannot be applied at all without rebooting
If you intend/need to keep your system on for long a time, and think you won't be able to restart for an update, it is best you set this up. As soon as an update (especially security updates) is rolled out, you want to get it running on your system ASAP to minimise risk
Absolutely NEVER install Canonical Livepatch unless you buy the Pro version. The free version puts you at risk by installing untested patches, YOU ARE THE GUINEA PIG!!! Just run the "canonical-livepatch status" command and you'll see you are a beta tester without any way to opt out.