Come on man, people who know how to choose good passwords and store them correctly while using brainwallets are as safe as using other "normal" wallets. I have seen so many stupid missuses with the wallet.dat files so far that are as bad as bad brainwallet passwords.
This means nothing, if people are using brainwallets, they are not less safe automatically.
Yes, they absolutely are less safe automatically. A person who wants to break your wallet.dat password must have your wallet.dat file. Brainwallets have no file.
Brainwallet cracking tools can run extremely fast - the cracking can be run offline against an indexed version of the blockchain, and can be distributed among many bots. A password of "m2wAHUnF91z" for instance (created from LastPass, and bearing approximately 51-57 bits of entropy, depending on how it's calculated) is absolutely reasonable for a wallet.dat password. It is absolutely NOT fine as a brainwallet key. Brainwallets should have no less than 128 bits of true entropy.
Creating a safe brainwallet is possible, but it is very difficult to do correctly. You have to forget everything you've learned about how to pick a good password.