Actually, we still need external-to-internal connections (e.g. p2p file transfers, not only Bittorrent, but also IM file transfer, VoIP, game servers and so on) so the NAT gets punched through routinely.
The security isn't really provided by NAT, it's provided by the firewall; yes, a stateful protecting the entire end-user network is desirable, but NAT isn't really required for that to function effectively.
Even security-by-obscurity in case of a NAT router is doubtful, unless it's fronting a relatively big network. For home networks, the address of the network is identifying enough. By monitoring traffic you can even guess how big the network is.
The security isn't really provided by NAT, it's provided by the firewall; yes, a stateful protecting the entire end-user network is desirable, but NAT isn't really required for that to function effectively.
Even security-by-obscurity in case of a NAT router is doubtful, unless it's fronting a relatively big network. For home networks, the address of the network is identifying enough. By monitoring traffic you can even guess how big the network is.