should not be used as protection - that is something Windows/Microsoft jumped on because the services on the OS were vulnerable, ie it introduced security without the dev's doing much more work.
Correct, but it is a mighty handy side effect of NAT. It's another layer of security that is better than nothing. I would hazard a guess that for the majority (i.e. residential broadband customers), nothing is the alternative.
I take it the recently reported issue of an entire country (Dubai?) being blocked from editing Wikipedia articles due to the abuse of a single user of the single IP address behind which much of the country was NAT'd, isn't an issue of this then? Security is one thing, but isn't there an obscurity issue to be raised as well? (A cheap, NAT'd and thus semi-anonymous, dialup ... hmm... am I just pessimistic about user tendencies?) Mark.