Board: Service Discussion
Topic: Re: BrainWallet Defcon Attack Discussion, Advice, Q&A, Brainflayer Info, etc.
by pooya87 on 24/07/2019, 04:30:55 UTC
Using a single step plain hash for brain wallets is definitely a bad idea. But I like the WarpWallet approach.

So far it has stood the test of time even with a password of just 8 alpha-numeric characters. (not even salt)

The key difference is that there are so many iterations instead of a single hash that brute-forcing those keys would not really be feasible (yet).

Actually, the main difference is the use of a key derivation function called "scrypt", which is a memory-expensive KDF, and with decent settings it can become very expensive to break. N=2^18 and r=8 are the "cost" settings that make it expensive, since you are basically deriving a 1024-byte-long key and then mixing it in 8 blocks, 2^18 times, then deriving another key with that mixed key, both times using PBKDF2.
By the way, the "s2" variable it uses is quite pointless in my opinion; they could have just increased the block size factor from 8 to a bigger value!

And finally, I have to mention that even with this much complication, this implementation also suffers from the same flaws as any other brain wallet: people are not capable of creating a truly random password. Most of them will use simple terms which can be found/guessed easily.
Setting a couple of complicated passwords as a challenge doesn't mean the method is safe. You could do the same thing with other brainwallets too!
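The cost difference discussed in the post above, as an added example that is not part of the original post or WarpWallet's own code: a single-hash brain wallet key next to a WarpWallet-style derivation (scrypt output XORed with the PBKDF2 "s2" value), plus the memory each scrypt call needs at N=2^18, r=8. The 0x01/0x02 suffix bytes, p=1 and the PBKDF2 round count follow WarpWallet's published description and are assumptions here, not values from this thread.

```python
import hashlib
import time

WARP_N, WARP_R, WARP_P = 2**18, 8, 1  # N and r as quoted in the post; p=1 is an assumption
PBKDF2_ROUNDS = 2**16                  # assumption: round count used for "s2"

def scrypt_memory_bytes(n, r):
    """Memory scrypt needs for its main working array: 128 * N * r bytes."""
    return 128 * n * r

def alnum_keyspace(length):
    """Number of candidate passwords of `length` characters over [A-Za-z0-9]."""
    return 62 ** length

def single_hash_key(passphrase):
    """Classic brain wallet: one unsalted SHA-256 call, no work factor."""
    return hashlib.sha256(passphrase).digest()

def warp_style_key(passphrase, salt=b"", n=WARP_N, r=WARP_R, p=WARP_P,
                   rounds=PBKDF2_ROUNDS):
    """s1 = scrypt(pass||0x01, salt||0x01), s2 = PBKDF2(pass||0x02, salt||0x02),
    key = s1 XOR s2. Cost parameters are arguments so they can be varied."""
    s1 = hashlib.scrypt(passphrase + b"\x01", salt=salt + b"\x01",
                        n=n, r=r, p=p, dklen=32,
                        maxmem=2 * scrypt_memory_bytes(n, r))
    s2 = hashlib.pbkdf2_hmac("sha256", passphrase + b"\x02",
                             salt + b"\x02", rounds, dklen=32)
    return bytes(a ^ b for a, b in zip(s1, s2))

if __name__ == "__main__":
    pw = b"constructed-sample-passphrase"  # constructed input, not a real wallet
    t0 = time.perf_counter()
    single_hash_key(pw)
    t1 = time.perf_counter()
    warp_style_key(pw)  # full cost: allocates about 256 MiB
    t2 = time.perf_counter()
    print(f"single SHA-256: {t1 - t0:.6f} s")
    print(f"warp-style KDF: {t2 - t1:.3f} s")
    print(f"scrypt memory : {scrypt_memory_bytes(WARP_N, WARP_R) // 2**20} MiB")
    print(f"8-char alnum keyspace: {alnum_keyspace(8):,}")
```

The work factor only raises the cost of each guess; it does nothing for a passphrase that is already in a wordlist, which is the point the post ends on.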