You portray encryption as a magical energy. To the best understanding of cryptanalysis research, current TLS is secure. Hypothetically it could be broken and publicly unknown, but this is not a matter of "power".
> the other endpoint
It's not sensible to say encrypted web traffic is snooped on by an actor with direct access to the plaintext.
The simple statement made in OP does not capture the complexity of operational security, which is very difficult to get right. I was merely trying to illustrate that.
For example, even though TLS is end-to-end secure (and I don't doubt that), a website that uses CloudFlare front [1] is susceptible to its secure traffic being intercepted by CloudFlare, because by design TLS would be terminated at CloudFlare's servers. However, note that the end user does not notice that; rather, he sees his traffic as end-to-end encrypted.
> a website that uses CloudFlare front [1] is susceptible to its secure traffic being intercepted by CloudFlare, because by-design TLS would be terminated at CloudFlare servers
Keep in mind, this is also true of cloud providers. By running the hypervisor, AWS has full access to your instance's RAM and could snoop on traffic if they pleased.
A compromised service provider is a risk you're accepting unless you own and physically control the hardware terminating TLS. Whether this is an acceptable risk comes down to your threat model. (As do so many things in infosec.)