Open ports by themselves don't constitute a security risk.
This comment is sadly the kind of horrifically dangerous and stupid comment that permeates the Android technical community.
If a port is opened on an Android device, that 100% means that an app opened it for some reason, which means that 100% there is for some period of time going to be a service running that receives on that port. Maybe the user deletes the app but why would they? Most people wouldn't bother. Many probably do not even know HOW.
So that means that ALL of the most vulnerable people are at risk, which you casually dismiss because an open port "means nothing", the way an orange glow and smoke pouring from a house "means nothing" until the external edifice is reduced to ashes...
I mean, a separate comment I saw pointed out that android users really should use netstat of the phone. Good grief.
This is why I cannot in good conscious do anything except steer every non-technical user away from Android.