FriendFeed had this over 2 years ago: <a href="http://friendfeed.com/steverubel/54df8bf5/short-urls-shared-on-friendfeed-now-reveal-re" rel="nofollow">http://friendfeed.com/steverubel/54df8bf5/short-urls-shared-...</a>
<i>it prevents me from ever clicking on a short link that will take me to somewhere evil</i><p>There are plenty of ways to trick people with links. For example, you can register a domain called not-hardcore-porn.com, and then put porn there. Or you can just poison some upstream DNS cache, and then facebook.com goes to phishing-site.com.<p>The Internet is very insecure. Short links are the least of our worries.
<i>"In speaking with a few colleagues, it appears Twitter is using the 301 redirect on the short URL to provide the mouseover with the full URL."</i><p>Is this just a non-technical person attempting to inject a little detail into the article? My first thought was, "How would I do this in JS?" and it took me a second to decipher that sentence.
I also didn't notice this until today, but this is a great feature to prevent spam and malware. Usually I feel like my Twitter feed is filled with people and links that are moderately trustworthy, but that leaves everyone vulnerable to someone hijacking a twitter account using firesheep or something else.
Any clue whether they are checking the destination URLs for malware? Using perhaps Google's Safe Browsing API ( <a href="http://code.google.com/apis/safebrowsing/" rel="nofollow">http://code.google.com/apis/safebrowsing/</a> )?