I guess that the unique properties of the vibrating elements of your wireless network card leave a fingerprint in outgoing packet streams that can be forensically correlated with the device that sent them. So spoofing MAC address may not be enough, rather using a throw away wireless device for every session. I had heard about this sort of attack before but I still do not know the details of it, however recently I heard a bit of debate in regards to if the logs left at the AP will contain enough information to fingerprint a unique device, or if specialized equipment would be required to take and later detect the fingerprints.