Board: Beginners & Help
Topic: Re: Trojan Wallet stealer be careful
Post by kuloch on 18/06/2011, 18:15:26 UTC
You should also encrypt your wallet when not in use.
http://www.freeotfe.org/
In fact encryption is useless if you enter your password with your keyboard. If your computer gets compromised by a trojan it can read your password with a keylogger.

Not 100% secure does not equate to useless.  In this case, the trojan checks for the wallet.dat file and sends it back to its server.  If those infected with this specific trojan had encrypted their wallet.dat file, then it would be useless to the thief.

However, your point does stand that encrypting the wallet.dat file alone is not adequately secure.  There are plenty of keyloggers in the wild.  But it should be considered one of many steps taken toward security, rather than being the only one.  Multi-layered security approaches are much stronger than taking just 1 decent step.

Quote from: kuloch
Part of the point of BitCoin is that everything is completely traceable.  Check out blockexplorer.com.  The "seller" does provide a uniquely identifiable piece of information with every transaction.  That is your digital signature, which only the account's owner can create.  However, the issue with wallet-stealing is that the private key used (in tandem with the public key or address) to create that digital signature is compromised, making the original account owner no longer the only account owner.
I wonder if it is possible to store my bitcoin private key on a smart card.

The private key is in your wallet.dat, so either just back up the entire wallet.dat or use a tool (they exist, I think I've read?) that extracts your public/private key pair(s).  Worth noting is that if this practice becomes commonplace, trojans and such will start looking for this form of information, as well.