[saurik]

One of the things that I personally think is "data" is "software", and I believe that all data should be something that is able to be transferred via e-mail. A sufficient set of random clicks from an e-mail currently can--and in my world view absolutely should be able to--lead to arbitrary code execution without any form of security vulnerability.

[Piskvorrr]

The sets Arbitrary code execution and Security vulnerability have a significant overlap; and much of the decision "do I want the program to do what it's about to do?" is in the eye of the user (e.g. the excellent tools by Nir Sofer could be used for Good or for Evil: "Does the user actually want to list their WiFi network passwords, or is this an evil code the user was tricked into running?" The code has no way of deciding.).

However, I see some hope in https://www.qubes-os.org/ - alas, setting it up is not quite as convenient as "meh, open everything everywhere to everyone."