It has been discussed over and over on hackernews recently so just tldr version.
Let’s consider two scenarios.
1) NSA forces CA to issues a certificate for google.com and decide to man-in-the-middle you.
In that case there is a mechanism call certificate pinning. To put it simply certificates of Google, Facebook, Twitter etc. are hard coded into Firefox and Google Chrome. (Microsoft provides this ability in IE using latest EMET 4.0). So if someone tries to send you cert for google, which doesn’t match the one hardcoded your browser would get crazy and issue a big red warning :)
2) NSA records your encrypted communication with Google and later obtains Google private key (either by factoring Google public key or using some secret court order or whatever). In this case they CAN’T decrypt your communication with Google because Google uses version of Diffi- Hellman protocol with so called ephemeral keys. More here http://googleonlinesecurity.blogspot.com/2011/11/protecting-.... Ephermal DH is not implement by many sites (hackernews does it, facebook doesn’t)
SSL can be broken in myriad of different ways but at least in these two scenarios you are to certain degree safe
The encryption (if implemented correctly) is good, but if an intelligence agency has access to a Certificate Authority, or the target of your communications, man-in-the-middle attacks are feasible.
SSL can be broken in myriad of different ways but at least in these two scenarios you are to certain degree safe