Specific to the iOS devices we studied, the alternate page
is returned via a special browser window instance of UIWebView,
an API offering limited web functionality. UIWebView
uses webkit, but is not a fully functional Safari instance.
This makes the attack more difficult because some
vulnerabilities which may be exploitable in Safari may not
be present in UIWebView, and the results of our experiments
and research showed this as well.