It seems that because brainwallets aren't in common use, we don't see all the "my brainwallet got 'hacked'!!?!" stories/posts that popped up in the "Good ol'day"™ when they were still popular and the less-than-moral types were busy running various "dictionary" attacks using all sorts of datasets (poems, lyrics, basic words, dates, names etc)... As such, history threatens to repeat as newcomers don't seem to realise the dangers of using them.
You can use salts to avoid that.
Moreover, brainwallets are not designed for big transactions, nor to hold funds for several weeks, as anyone understands; it's just some kind of vehicle.
I concur. I can't really think of any situation where a brainwallet would be preferable to a properly (randomly) generated wallet/private key...
Why have BIP39 mnemonic codes been created? It's because hex and base58 strings are not convenient for humans. You can't deny that. You surely can't remember a new btc address, you can't easily spell it over the phone, when you write it down you can make mistakes since it's 0 error-tolerant, etc.
Moreover, in third world countries not everyone owns a smartphone, and in many places of the world there is no 3G/4G network available. Shouldn't these people be able to use bitcoin?
How are they going to use bitcoin with access to the internet?
Except maybe on some small islands, I think nowadays you can find "wired" internet in every country.
In worst case, you can use the blockstream satellites to get the blockchain and send signed raw transactions to people having internet in order to broadcast them.
As such, history threatens to repeat as newcomers don't seem to realise the dangers of using them.
Whenever I see someone considering using a brain wallet, I usually direct them to the following places:
Collection of 18.509 found and used Brainwallets
https://eli5.eu/brainwallet/
Ask them to have a quick read of that thread and click on some of the transactions linked, or pick a few random addresses from the second site and again look at the transactions, paying particular attention to the times of the deposit and withdrawal transactions, and see that the withdrawal (stealing) transaction is generated and broadcast usually within a second of their deposit transaction.
So you are implying some people are monitoring billions of billions of addresses?
As I said above you can use a salt to avoid that.
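An illustration of the salt argument in this thread, added here and not written by any of the posters: a classic brainwallet private key is SHA-256 of the passphrase, so one table built from a public phrase list matches every user of that scheme, while a per-user salt makes the same table useless. The phrase list, the salt values and the PBKDF2 parameters are constructed assumptions, and derivation stops at the 32-byte private key (address encoding is omitted).

```python
import hashlib

# Constructed sample data standing in for the poems/lyrics/word datasets
# mentioned in the thread. None of these values come from the thread itself.
PUBLIC_PHRASES = ["correct horse battery staple", "to be or not to be", "password1"]
USER_SALT = b"alice@example.org"   # hypothetical per-user salt (assumption)
OTHER_SALT = b"bob@example.org"    # a second hypothetical user

def classic_key(passphrase: str) -> bytes:
    """Classic brainwallet: private key = SHA-256(passphrase), no salt."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()

def salted_key(passphrase: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """Salted, deliberately slow derivation. PBKDF2-HMAC-SHA256 is an
    illustrative choice here, not a scheme named in the thread."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=32)

def build_table(phrases):
    """Computed once from a public list; valid against every unsalted user."""
    return {classic_key(p): p for p in phrases}

def is_exposed(key: bytes, table) -> bool:
    """True if the key already sits in a table built without knowing the user."""
    return key in table

def audit(passphrase: str, salt: bytes, phrases=PUBLIC_PHRASES) -> dict:
    """Compare how the same passphrase fares with and without a salt."""
    table = build_table(phrases)
    return {
        "unsalted_exposed": is_exposed(classic_key(passphrase), table),
        "salted_exposed": is_exposed(salted_key(passphrase, salt), table),
    }

if __name__ == "__main__":
    print(audit("to be or not to be", USER_SALT))
    # Caveat: the salt only defeats precomputation shared across users.
    # If the salt is known or guessable, a weak passphrase is still weak;
    # the slow KDF just raises the cost of each individual guess.
```

The check that matters for a real wallet is the passphrase's entropy; the salt removes the shared table, not the need for a strong secret.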