Although interesting, that talk highly exaggerates its claims. There is certainly a strong correlation between power exposed to file formats and both likelihood of bugs and exploitability, and reducing that power is certainly a good idea, but such protocols are far from "effectively unsecurable". It's certainly possible to create a safe bytecode parser and even formally prove it correct with automated tools, and while length fields are easier to get wrong than simpler formats, this is mostly caused by C integer and pointer computations being so easy to mess up, and the problems could be effectively solved with little overhead by using bigints and checked pointers inside parsers - a matter of engineering, not computer science.