It's a lot easier just to install a hidden keylogger then it is to fart around with certs and try to crack https.

Google even references this in the press releases - most of the information gained was done through phishing.