I'm pretty sure this has been fixed in 11.4 as I wasn't able to reproduce his results, but it makes me believe 11.3 and below is fair game.
In my opinion, it is a joke.
It is not a joke, just the story doesn't reveal everything )
Well I will disclose what hasn't work for me so far
I tested on iOS 11.4 and on 11.1.2 without success. I purchased a lightning to USB adapter that allows you to feed power and plug a usb device into an iPhone. I programmed a RubberDucky with a long string of numbers (with the last one being the one that would unlock the device) and got the 1 minute, then 5 minute delay. I will note that neither device had the wipe after 10 failed attempts enabled.
I noticed something very interesting when re-watching the video he posted. At 16 seconds, if you pause it, you'll notice the following HDBox-Keyboard. Now at this point he has plugged the phone in (to what he says is a computer, but shows us nothing) and then I see that. I happen to own an HDBox which is a device that allows for the brute forcing of Android Passcodes, Patterns and iOS passcodes. Currently my device is at work so I can't test it, but will definitely test it out on Monday.
Figured it out! It does definitely work on 11.4 and almost as described by the author. They've updated the article, but I think he was close to on the money.
So my testing was flawed. Seems iOS ignores multiple entries of the same code. Thus if you enter 000000 30 times you won't get hit with any limits, but if you entered 000000..111111…222222 etc you'll hit the limit. Back to the drawing board.
I think he made the same mistake during his original testing, he has now retracted his claims and the articles were updated.
Yeah I was reading the retractions yesterday. The piece I don't get is how he was able to send the full string without a timeout. Nothing I did could reproduce those results as both devices I tested timed out after 5 attempts. We shall see I suppose!