Schneier talks about NAT and 2004 windows laptops (ie, with winxp). I actually asked Peter Gutmann during an IETF meeting around 2005, and he confirmed that nat had improved the situation around and win98/win2k/winxp windows machines and bot nets. If I recall right, the gist of it was that windows machines needed something, and while nat is wrong and bad, it "worked" in this aspect.
This is about as far from a server installed with ubuntu in 2012 that one can get. You are not going to find any such article by Schneier promoting default firewall installations. I suggest here to check out Secrets and Lies by Schneier, as it is rather clear that a firewall need to be configured against the specific threats one can identify. If you fail at identifying threats, the firewall is likely not be useful at all, or will simply work identical to NAT. At worst, it will give a sense of false security.