The worst problem is that shortening services add another layer of indirection to an already creaky system. A regular hyperlink implicates a browser, its DNS resolver, the publisher’s DNS server, and the publisher’s website. With a shortening service, you’re adding something that acts like a third DNS resolver, except one that is assembled out of unvetted PHP and MySQL, without the benevolent oversight of luminaries like Dan Kaminsky and St. Postel.
Since starting up on Twitter, it’d occurred to me that clicking a shortened URL is a pig in a poke at best. Yet somehow it doesn’t feel as dangerous to accept a shortened URL from @apelad or @nprscottsimon as it would if I just found one in my email. Perhaps because, if they did post a hazardous link, I’d just un-follow?