... and some are considerably less equal than others.
one of the most fundamental problems with URL shorteners in general is that they obfuscate the final destination. when you follow one of these shortened URLs you're often putting your online safety at risk because you literally can't see where you're going.
some URL shortening services try to mitigate this problem. tinyurl.com, for example, allows anyone to add the preview subdomain to a shortened url (ex. tinyurl.com/whatever -> preview.tinyurl.com/whatever) in order to change the behaviour of the shortened URL so that instead of taking you directly to a potentially suspect site it will take you to a safe page on tinyurl.com's own site that displays the URL of your final destination so that you can examine it and make an informed decision about whether you want to continue. it's a nice feature, but it's hidden - only people familiar with tinyurl.com know about it and would have the know-how to use it.
other services like bit.ly forgo letting the user decide on safety and actually filter bad URLs themselves, so as to protect the user even when s/he doesn't care or know how to protect themselves. this is also a nice feature but there are limits to the effectiveness of filtering badness (as readers of this blog surely are aware).
yesterday, however, i encountered one of the worst URL shortening behaviours i've encountered in quite some time. the th8.us URL shortening service, instead of redirecting you to the original URL like most URL shorteners do, shows the contents of the original URL in a frame underneath some google ads (at least that's how it appeared in iron - a privacy enhanced derivative of google's chrome that i used in a sandbox after seeing some rather strange behaviour in firefox). this means that normally you can never see where you're going, even after you've gotten there. it gets worse, though.
if you're like me and normally use firefox with noscript, what you'll likely see when trying to visit a th8.us shortened URL is a blank page with a noscript icon on it indicating that you have to add the site to your whitelist in order to see any of the content. what that means is that not only can you not see where you're going, you have to lower your defenses in order to get there without knowing where there is. it gets even worse than this, however. while you do need to add th8.us to your whitelist, you also have to add the site with the actual content (so technically noscript is giving you at least some idea of where you're going) even though that site wouldn't require whitelisting if you go there directly. this essentially amounts to forcing an unnecessary privilege escalation for a site that would have normally been usable and (more importantly) examinable without it. a privilege escalation, moreover, before you have any information with which to judge the safety of the page or evaluate whether whitelisting is truly required for your purposes.
this is pretty horrendous behaviour from a security perspective (ironic, then, that it was a representative of a security software company i found using it) and i hope that people can see fit to steer clear of services like this and that th8.us can find some way to improve the security footprint of their service. while they do actually have a preview feature similar to tinyurl.com's, it suffers from the same drawback of being hidden functionality that only people familiar with the service would know about (and i dare say that there are far fewer people familiar with th8.us than with tinyurl.com).