You can make compressed vanity keys. It's actually a little bit faster.
Really? Is the hash of the 257 bit key really that much faster than the hash of the 512 bit key? It it even noticable? The second and third hashes will take exactly the same amount of time and the pub = priv * G operation will be exactly the same so we are really just talking about the computational difference in the first hash here.
I can see that doing
both would be a bit faster:
1) Generate the random private key
2) Calculate pub = priv * G
3a) Hash the uncompressed public key, check for the desired pattern
3b) Hash the compressed public key, check for the desired pattern
4) If no match go back to step 1)
So this way you get two attempts at the desired pattern per pub = priv * G operation.
