1) Using a DDNS service such as no-ip.com or dyndns is not in itself inherently unsafe (if you really want to be frightened, your router is likely being scanned once every 30 seconds or so by script kiddies whether or not you're in DNS).
Agreed.
2) Opening router ports to the internet is the dangerous thing. For this, make sure you research the kit you're going to expose to the internet and also the ports you're opening, so that you know you're not exposing things that are already compromised or compromisable to the internet. If possible, also choose a random port number above 1024 so that you can be less susceptible to the automated port scanning efforts of the script kiddies mentioned in #1 above.
Agree with the first phrase.
Disagree with the gist of the rest - and the "choose a random port" stuff is utter rubbish, security by obscurity is not security, and the script kiddies can easily write automated scripts to scan a whole range of ports.
The only thing you should be opening up to the internet is a VPN that terminates on your router/perimeter firewall. You then connect to the VPN and can access the network behind it with a degree of piece of mind equivalent to how much you trust the manufacturer of your router/firewall to write decent code.
Unless you
really know what you are doing, you shouldn't open up direct access via NAT/PAT/PPtP/whatever to internal devices, because (a) they can be easily found (b) they probably can easily be bypassed
The alternative, if you can't be bothered with all of the above, or the mere idea of a VPN is above your technical capabilities, simply use something like Teamviewer or LogMeIn running on a PC which you can then access using appropriate client software on your remote laptop by simply entering an ID and password... no need to open
ANY inbound services on your router/firewall and no need to mess around with DDNS either.