It was interesting article on SGNOG3 conference in Singapore presented with the topic Security in an IPv6 World: Myths and Reality.
In spite of a large useful information amount I found one slide pointed NAT as a "myth" of security. It also points that NAT can even reduce security and statefull firewall is a Bruce Willis for IPv6.
It is a point for discussion.
It is clear that NAT and other technologies is not a "secure all" button. It is a tool. One can use it in a right way and another may use it in a wrong way. So it is possible to increase and decrease security level using the same technology with different approach.
Let's examine firewall. It is a security device and it must make network safer if used. If you swap some L3 device in the network part to stateful firewall you don't become protected a lot with its' default functions. If you don't use ACL, uRPF and another features you can feel a false safety. This state of the false safety is a very harmful factor. It is the same situation as if some man buys a gun to protect himself but he can't shoot psychologically. The result may be more tragic than in the case of gun absense.
