On the contrary, I think there's a significant degree of thought spent on especially forensic issues. Reading the blog post indicates that today, any tool can fake any PID for syslog, apparently, because syslog spends no effort validating the client-given PID value. There's apparently a Linux-specific way to find out the true PID of the process connecting to the syslog facility, and systemd is using it.
Undocumented binary data doesn't mean it's somehow fundamentally unreadable. You just compile the library and use it to read the crap. And it's open source. Sheesh.
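An added example, not part of the comment above and not systemd's code: a sketch of a log receiver comparing the PID a client writes in its message with the PID the Linux kernel reports for the sender. It assumes the mechanism is `SO_PASSCRED`/`SCM_CREDENTIALS` on a Unix datagram socket (the comment does not name one); the socket pair stands in for `/dev/log`, and the function names and message format are constructed for illustration.

```python
import os
import re
import socket
import struct

UCRED = struct.Struct("3i")  # Linux struct ucred: pid, uid, gid


def make_log_pair():
    """Return (daemon_end, client_end); a stand-in for a /dev/log datagram socket."""
    daemon, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_DGRAM)
    # Ask the kernel to attach the sender's credentials to every datagram.
    daemon.setsockopt(socket.SOL_SOCKET, socket.SO_PASSCRED, 1)
    return daemon, client


def receive_record(daemon):
    """Read one message; report the claimed PID next to the kernel-supplied PID."""
    data, ancdata, _flags, _addr = daemon.recvmsg(
        4096, socket.CMSG_SPACE(UCRED.size))
    kernel_pid = None
    for level, ctype, cdata in ancdata:
        if level == socket.SOL_SOCKET and ctype == socket.SCM_CREDENTIALS:
            kernel_pid, _uid, _gid = UCRED.unpack(cdata[:UCRED.size])
    text = data.decode("utf-8", "replace")
    # Syslog-style tag "name[pid]:" is written by the client, so it is untrusted.
    match = re.search(r"\[(\d+)\]:", text)
    claimed_pid = int(match.group(1)) if match else None
    return {
        "message": text,
        "claimed_pid": claimed_pid,
        "kernel_pid": kernel_pid,
        "pid_mismatch": claimed_pid is not None and claimed_pid != kernel_pid,
    }


def send_and_check(claimed_pid):
    """Send a constructed log line carrying claimed_pid and return the record."""
    daemon, client = make_log_pair()
    try:
        client.send(f"<13>demo[{claimed_pid}]: constructed test line".encode())
        return receive_record(daemon)
    finally:
        daemon.close()
        client.close()


if __name__ == "__main__":
    print(send_and_check(os.getpid()))      # honest client
    print(send_and_check(os.getpid() + 1))  # client-written PID is wrong
```

A receiver that stores `kernel_pid` alongside the message gives an investigator a field the sending process could not choose.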