The NSA is perfectly capable of hijacking SSL'd connections as well. They don't even need to do anything nefarious; my computer has (included by default) 4 root certificates controlled by the DoD.