[kortilla]

> However, allowing a user to intentionally let a piece of software listen for outside connections is in no way insecure.

Unless you care about security of course. “A user” in your sentence can quite frequently be vulnerable or malicious software.

[billytetrud]

No, "a user" in my sentence is intended to mean a human. Its very possible to program software to require human approval for connections. Also, if malicious software is already running, then it will be able to make connections to remote servers that it wants, no need for it to passively listen. IPv6 does not make this problem worse.