I'm no security export, but I did a little research... An "open" port is a port that is set up to accept an incoming TCP connection.
If you have apps listening only on ports 9, 21, and 80, and your firewall blocks access to those three ports, you technically have no ports open. IOW, port 25, for instance, is not open because nothing is listening on it.
To answer your question: The reason it is bad to have open ports on your computer is because these ports can easily be discovered, and once discovered these ports are now susceptible to vulnerabilities of the listening applications.
