Are "bug bounties" cost effective?

Recently Microsoft, Mozilla, and VeriSign have offered "bug bounties" to help squash critical defects before release. Brilliant I say! Using money to motivate testers during development is a win-win situation. Testers win since they can get some serious cash if they put their nose to the grind-stone and the software/company wins because:

• Defects that are found and fixed early are cheaper than post-release defects (post-release cost can be 100 times development cost, e.g $50 vs $5000).
• There will be less embarrassing critical and security defects found at post-release.
• Quality Assurance (ad-hoc) is marketed, which screams "We care about quality".
• The company only pays for severe defects but will still get a valuable set of less severe defects for free.

Are there hidden costs though? I can think of a few:

• The time and effort wading through crappy and duplicate defect reports.
• Larger scale efforts to manage the plethora of testers and defects.

The benefits obviously out-weigh the hidden costs. What other positive and negatives can you think of? Talk to me fellow engineers!