"Most college networks require a login to use- even from your personal computer(s)."
Actually, not a login, for the simple reason that that breaks all non-browser devices. They require registration of your device, but if they required a login then no Playstations, Xboxes, or iPhones would work, because you can't login with an email client or a video game. Once a machine is registered (Identified by the closest thing there is to unique, the MAC)then all the bad guy needs to do is check to make sure the target machine is not on at the moment, and spoof the MAC address. The traffic will be logged as belong to the poor innocent spoofee. And yeah, it may be less than 1% that know how to do it, but a single innocent person be persecuted or prosecuted is too many.