Re: Smart? Cards
Not sure why you got so many downvotes because you are absolutely right; holding the card does not prove you should be holding the card, and if we want to guarantee it is an authorised person accessing the system, rather than just an authorised card being used, we do need something more, probably biometrics.
But card access is good enough, at least good enough for now, being no worse than it already is, whether a Windows or a Linux setup.
What I believe brings a lot of big projects down is demanding more than needs to be done; not just moving from Windows to Linux as suggested here, but layering on other changes to improve security, to limit access, to provide better reporting, give larger cost savings, etc. What should be a simpler 'from this to that' migration becomes a whole new development with all its attendant problems, risks, rising costs and overruns.