I brought this up several months ago, but upon my return to the forums, I found that nothing had been changed, and so am bringing it up again.
rm -r .* does exactly what one would naively expect it to do: it deletes everything in the directory recursively, except . and ... The exclusion of . and .. is explicitly outlined in the POSIX standard, and I've never seen any rm that follows '.' or '..'. Unfortunately, the Malicious Commands announcement describes the command as a deceptive one that will follow .. and delete everything above the working directory. In an announcement that is threatening immediate banning with no consideration for the circumstances, I would expect the examples given to be accurate enough to not create the potential for mistaken accusations.
In general, it would be very nice if the announcement could be revised, now that the immediate situation from which it arose is far behind us. The way the examples are described could easily be mistakenly interpreted as saying, for example, that one should never run dd to a block device, when most of the cases when one actually needs to do so are probably going to be discussed in forums like these.
I'm posting this here because I'm not sure where it should be posted, and the announcement doesn't allow replies.