You're right, but if even one person uses certificate pinning, they could make a post somewhere saying "hey, Lavabit's SSL certificate just changed, any thoughts?" and others may suspect that something fishy is going on. Especially if it were to occur after the NSA leaks.
If you're referring to an MITM attack, then the attacker could intercept the connection (establishing SSL under its own certificate) only when attacking the specific target. The target himself would need to notice that the certificate fingerprint changed.
