What might have happened is this:
1. NSA bribed someone to obtain Google's SSL certificate private keys
2. NSA installed wiretaps outside of all Google datacenters
3. NSA hired someone to write software that would reconstruct Gmail inboxes, login activity, etc. based on the decrypted traffic
If Facebook, Google, etc. are indeed innocent they should change SSL certificates immediately, store the new ones in secure cryptographic hardware, stop offering non-HTTPS access, and start inspecting network equipment for the wiretaps.
If Facebook, Google, etc. are indeed innocent they should change SSL certificates immediately, store the new ones in secure cryptographic hardware, stop offering non-HTTPS access, and start inspecting network equipment for the wiretaps.