Yes, I think disabling it allows for more hole-punching techniques, since you can basically maintain a TCP connection indefinitely and across network connectivity changes.
iirc more like that you basically need the 'loose mode' because most cpe's are bridging wireless and wired networks, but this then won't protect against the more serious shenanigans
