Hamachi and STUN were what I was thinking of when I referred to user-unfriendly NAT busting. It's true that these are not much harder to get working than a modem, but they don't match up with modern consumer expectations of ease-of-use and reliability on firewalled networks. It would be nice if Internet standards could keep up with industry so that these expectations could be met. It's totally understandable where we've landed due to modern security requirements, but I still feel something has been lost.
Hamachi does not require you to open any ports on your firewall by nature. Except maybe the local firewall (Windows firewall, likely) which apps should automatically get asked for when they try to use a port.
I mean, internet standards kept up. IPv6 is a thing, and some form of dynamic IPv6 stateful firewall hole punching a la UPnP would be useful here. Particularly if the application used the temporary address for the hole punch--because once the address lifetime ends, it's basically not going to get used again (64-bit address space). So that effectively nullifies any longer term concerns about security vulnerabilities.
