[Thereasione]

My guess: -SSL protects only as far as the cloud; they sits after decryption and can get the clear text data

-They can hack into people's computers (using zero day) and read the data before it's ever encrypted

-SSL/TLS do not offer forward security, so the encrypted data can be stored and then cracked if/when the keys become available later

-Man-in the middle attacks that substitute fake keys to both sides and capture the data anyway. It hepls if they captured one or more certificate authorities.

-Brute-force attacks against poorly-configured keys (too short) for SSL and VPNs.