Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bug In Samsung S3 Grabs Too Many Images, Ups Data Use

Posted by timothy on from the my-t-shirt-size-is-sx-s-m-l-xl-and-xxxxl-simultaneously dept.

First time accepted submitter Emmanuel Cecchet writes "Researchers of the BenchLab project at UMass Amherst have discovered a bug in the browser of the Samsung S3. If you browse a Web page that has multiple versions of the same image (for mobile, tablet, desktop, etc...) like most Wikipedia pages for example, instead of downloading one image at the right resolution, the phone will download all versions of it. A page that should be less than 100K becomes multiple MB! It looks like a bug in the implementation of the srcset HTML tag, but all the details are in the paper to be presented at the IWQoS conference next week. So far Samsung didn't acknowledge the problem though it seems to affect all S3 phones. You'd better have an unlimited data plan if you browse Wikipedia on an S3!"

19 of 99 comments (clear)

  1. If this was really a problem... by TheSimkin · · Score: 3, Insightful

    If this was really a problem it would have been noticed a long time ago.

  2. The relevant quote with fault highlighed by tuppe666 · · Score: 5, Informative

    The Samsung S3 browser bug
    ======================
    When comparing our results on the different devices and networks for our Wikipedia trace, we noticed significantly higher latencies for our Samsung S3 smartphone on both Wifi and 3G. We first looked at the number of HTTP requests per page and the size of the pages down loaded from the server. Our findings are illustrated on Fig. 13. The number of HTTP requests is always much higher for the Samsung S3 and the page sizes are much bigger. Note that the page size for Samsung S3 on 3G is sometimes very small as we only account for successfully transferred bytes and not expected object sizes. On a successful page load, the page sizes should be the same on both networks. Fig. 14 gives an insight into the cause of the problem. By
    looking at the recorded HTML page source, we saw that Wikipedia pages use srcset HTML tags that indicate a list of images to pick from depending on the resolution and magnification needed by the device. It turns out that the S3 browser has a bug and systematically downloads all images in a srcset instead of picking only the one it needs (left most red circles on Fig. 14 show 3 different versions of the same image being downloaded). This can result in a massive amount of extra data download.

    The Wikipedia page dedicated to the Internet Explorer browser that typically requires 600KB of data download jumped to 2.1MB on the S3. This bug significantly affects the Wikipedia performance on 3G were these massive number of requests for image downloads overwhelmed the network and ended up timing out rendering an incomplete page. This can be seen on Fig. 14 where a large number of requests are blocked for very long amount of time and many of them fail with a ‘NO RESPONSE’ HTTP error code. Note that we were able to reproduce these results with the latest Android 4.2.2 for the S3 GT-I9300(international version of the phone). The issue was also reproduced with an S3 SGH-I747 which is the AT&T US version of the phone. We believe that this problem affects all S3 versions and have contacted Samsung to report the issue.Having a database with results from other devices helped us to quickly locate the origin of the problem and detect this previously undiscovered bug. Based on this experience, a possible direction for future work is to design tools that automatically analyze and report anomalies by comparing
    experience reports between devices/networks for the same trace.

  3. Use Opera Mini and you'll never worry about data by JoeyRox · · Score: 3, Interesting

    All pages go through their browser for reformatting to your device's screen dimensions and compression. There's also an option to disable loading of images, which I use most of the time. The only downside is all your web activity is seen by their servers, so I only use the Opera for my unimportant stuff.

  4. Company reactions to major problems. by Moppusan · · Score: 2, Insightful

    Why does it seem when major problems like this arise companies are quick to dismiss/deny/ignore whatever as the first response?

    --
    You can dance if you want to.
    1. Re:Company reactions to major problems. by cecchet7542 · · Score: 5, Informative

      Actually trying to report the bug to Samsung was quite hard. First there is no place to report such bug in the first place. The place that seemed the most appropriate was tech support but it showed that Samsung is a hardware and not a software company. The tech support can just handle hardware issues with the phone or basic user issues using the phone. When we submitted our bug report to them they were at a complete loss and didn't know what to do with it. The office of the CEO message was kind of a last resort measure but once again the supposedly R&D team that reviewed the issue dismissed it saying it was just an Android problem and didn't investigate further. To really attract their attention, we should probably have posted on their Facebook page but maybe this /. post will incite them to look into the issue again. The conspirationist will see a collusion between Samsung and carriers trying to squeeze more money from users by inflating their data usage. The engineer will just see a subtle bug that is not easy to catch by QA unless you can compare your device behavior with other devices and automatically detect such anomalies.

  5. Re:Most people don't use the S3 Browser by Anonymous Coward · · Score: 3, Funny

    > Most people I know...

    A sound method to compile statistics.

  6. Re:Moot by Anonymous Coward · · Score: 2, Informative

    The vast majority of people use the stock browser, and defaults in general. Not everyone is a geek.

    http://www.androidpolice.com/2013/04/03/according-to-net-applications-stock-android-browser-usage-is-still-way-out-in-front-of-chrome/

  7. Except is an *Overstated* Bug by tuppe666 · · Score: 3, Insightful

    If this was really a problem it would have been noticed a long time ago.

    The summery overstates what is going on, it implies that using a surfing on a S3 Phone will cause you to burn several times the magnitude of bandwidth it should, its subterfuge.

    Its simply a bug in the stock web browser that does not break page views. that systematically downloads all images in a srcset instead of picking only the one it needs. An example "" if its not used...it does not happen.

    Why is it not being discovered is that it does not make enough of an impact in common usage. I suspect additionally if your have a carrier like mine they simply serve a compressed version of the original image anyway, or S3 users are now using like me Chrome. Popular alternatives like the offer the same functionality.

    The bottom line is Browser have bugs. That is not news, this is neither a critical, or even as stated a bandwidth hog.

  8. Fanboys overstating minor problems by tuppe666 · · Score: 2

    Why does it seem when major problems like this arise companies are quick to dismiss/deny/ignore whatever as the first response?

    I am not sure of your personal beef, but from the article which identifies a minor bug "have contacted Samsung to report the issue." Where is Samsung dismissing or denying...or ignoring the problem.

  9. Re:Very few websites use srcset by _xeno_ · · Score: 4, Interesting

    Wikipedia is the only site I know that does.

    Which isn't surprising: none of the major browsers support srcset yet. Not even Safari, despite srcset being an Apple-designed standard. (The editor is an Apple employee and is the person who came up with this standard that no one except Samsung implements.)

    Of course, there's very little point to implementing srcset as the use case for "hi-DPI images" is basically non-existent, so I suppose it's just as well that almost no one has bothered implementing a nearly worthless spec.

    --
    You are in a maze of twisty little relative jumps, all alike.
  10. Nothing to do with Linux by tuppe666 · · Score: 2, Insightful

    That's right! This is Linux. Not that Apples or Microsoft shit. Nothing ever goes wrong in Linuxland. Any kind of "error" you have with Linux is because you're too inept to use a computing device. Any real user would have rooted this phone and installed CustomModXYZ 10.43222.8a.

    ...Ironically This is nothing to do with Linux(The Kernel) this is a *bug* in the stock browser, you can ignore it and simply use Opera or Chrome on Android, Would the same true for Apples or Windows Shit(sic).

    1. Re:Nothing to do with Linux by Nerdfest · · Score: 3, Informative

      With Apple, you can install other 'browsers', but they're really just skins for the internal webkit engine, and they do not integrate fully with the OS.

  11. Bad Data by tuppe666 · · Score: 3, Informative

    The vast majority of people use the stock browser, and defaults in general. Not everyone is a geek.

    http://www.androidpolice.com/2013/04/03/according-to-net-applications-stock-android-browser-usage-is-still-way-out-in-front-of-chrome/

    It does not change your point of your comment but netmarketshare http://marketshare.hitslink.com/browser-market-share.aspx?qprid=0&qpcustomd=1 where the data comes from, has something wrong with the way records data, especially with mobile usage. Its often quoted on Apple sites due to its heavy bias towards Apple(that does not reflect real world use). They have heavily massage figures, and they do not match those of independent larger sources. Here is statcounter http://gs.statcounter.com/#mobile_browser-ww-monthly-201205-201305 (Again it does not dispute your point but the source data)

  12. This is a big deal.. by Severus+Snape · · Score: 2

    The comments so far have made this out to not be such a big deal, people should just use other browsers. I see it differently. The majority of smartphone users now aren't just the tech savy, it is now mostly ordinary users too. When considering 500MB is the usual data cap this is a problem, with the amount of data slurped up by the likes of Facebook, this must push useage up pretty high if loading a wikipedia page is taking over 2MB of data. Once your over your cap, the costs sky rocket. This is before you even thinking about the difference in loading time of 3G from the need to pull 10 times as much data.

    Unfortunately with the situation we have on android, with handset developers and carriers both being reluctant to push updates, don't expect this to be fixed any time soon.

    1. Re:This is a big deal.. by cyber-vandal · · Score: 2

      I'e had 3 updates to my Note 2 since November and my housemate recently had an update to her S3 Mini so I think, at least with Samsung's newer phones, that they're finally doing the right thing.

    2. Re:This is a big deal.. by neonmonk · · Score: 4, Informative

      As others have noted, Wikipedia is pretty much the only website that has even implemented src-set. This is not a big problem. This is a very minor problem.Maybe if the whole world was using src-set then it would be a big problem, but they're not, and won't be for a long time seeing as none of the big 4 browsers have implemented it.

    3. Re:This is a big deal.. by _xeno_ · · Score: 3, Informative

      When considering 500MB is the usual data cap this is a problem, with the amount of data slurped up by the likes of Facebook, this must push useage up pretty high if loading a wikipedia page is taking over 2MB of data.

      Not really, because Wikipedia is basically a worst-case scenario. To show you what I mean, here's the first <img> tag off Wikipedia's home page at present:

      <img alt="The Tichborne Claimant" src="//upload.wikimedia.org/wikipedia/en/thumb/3/37/TichborneClaimantSketch_cropped.jpg/100px-TichborneClaimantSketch_cropped.jpg" width="100" height="137" srcset="//upload.wikimedia.org/wikipedia/en/thumb/3/37/TichborneClaimantSketch_cropped.jpg/150px-TichborneClaimantSketch_cropped.jpg 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/3/37/TichborneClaimantSketch_cropped.jpg/200px-TichborneClaimantSketch_cropped.jpg 2x" />

      The bug appears to be that it loads all three images specified - the 100px (from src), and the 150px and 200px (from srcset) versions. But that's because Wikipedia not only uses srcset, it provides three different resolutions: a default (100px), and two "high DPI" versions (1.5x and 2x). Most other websites don't even use srcset at all - because no other browser even supports it. Not Firefox, not Chrome, not even Safari despite srcset being an Apple creation.

      Facebook doesn't use srcset, so it won't trigger this bug.

      In fact, I don't know of any website that does use srcset other than Wikipedia. Google doesn't. Twitter doesn't. Facebook doesn't. Slashdot doesn't. (Nor does CNN, Fox News, the BBC, Yahoo, Flickr, Tumblr, or Amazon.com.)

      It's basically a bug that will only trigger on Wikipedia, so no, it's not really a big deal because unless you spend a lot of time on Wikipedia, you'll almost never trigger it.

      It's still a bug that should be fixed, but I'd be hard-pressed to call it a "big deal," solely because about the only way you'll trigger it presently is on Wikipedia.

      --
      You are in a maze of twisty little relative jumps, all alike.
    4. Re:This is a big deal.. by dkf · · Score: 2

      As others have noted, Wikipedia is pretty much the only website that has even implemented src-set. This is not a big problem.

      There are quite a few sites that use MediaWiki (often with heavy skinning) and many of those will be sites that users are more likely to visit than average. On the other hand, the number of those that use a srcset is probably quite a bit lower (unless MediaWiki is doing the work behind the scenes). In short, while the problem isn't pressing, it should be addressed sooner rather than later as it is likely to become more prevalent.

      Mind you, I think there are good reasons for just scrapping srcset entirely; the current draft spec states that

      "This, unfortunately, can be used to perform a rudimentary port scan of the user's local network (especially in conjunction with scripting, though scripting isn't actually necessary to carry out such an attack). User agents may implement cross-origin access control policies that are stricter than those described above to mitigate this attack, but unfortunately such policies are typically not compatible with existing Web content."

      Good reason for just throwing it away and trying something else less security-stupid, IMO.

      --
      "Little does he know, but there is no 'I' in 'Idiot'!"
  13. Re:Very few websites use srcset by POWRSURG · · Score: 2

    When the standard has not been fully defined and is not working in any current browser, yes, I'm all for pushing the bar of HTML5. I actually bought one of the Firefox OS developer phones. It's great for those of us who want to experiment, but I wouldn't make a big case if browsers working on experimental features have bugs in them. Heck, I wasn't aware that srcset had even gotten to an experimental implementation stage yet. No one else has implemented it. Kudos to Samsung for starting on it.