I've quoted from both those sources in another thread here somewhere.The ten ways to discover bridges raises issues that don't apply to private, unpublished bridges.It's worth noting that Iran could only do that because they had live access (normal logging wouldn't have revealed it, according to Roger Dingledine - full bore deep packet inspection was required, actually examining every packet flowing through the big-assed multi giga-bit Cisco routers) at two points to the data stream, one at the ISP, and a second one at the backbone peer connection. Even with that, Irans blockade lasted less than a day - the Tor devs had disguised Tor traffic as SSL traffic and used certs that expired in two hours. Several hours after the blockage was instituted they released a fix that changed the expiry times to be in line with 'normal' SSL certs. Iran didn't detect Tor traffic per se, but rather recognized the short-term certs were an anomaly that some, but not all, Tor traffic presented. The situation lasted for less than 24 hours.But all that's getting waaay off the point, and the point is this: running a relay dramatically decreases your security and increases the chances that logged and mostly public information can come back and haunt you if you are ever faced with investigation. No, it won't be sufficient to start one, but anyone who does illegal shit and doesn't assume that someone, somewhere, is - or will someday be - investigating them, is playing a fools game.Minimize risk, maximize freedom.